Lucene search
GoogleOSV:CVE-2016-4068HistoryApr 13, 2017 - 2:59 p.m.
CVE-2016-4068
2017-04-1314:59:01
Google
osv.dev
11
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
References
lists.opensuse.org/opensuse-updates/2016-08/msg00078.html
lists.opensuse.org/opensuse-updates/2016-08/msg00079.html
lists.opensuse.org/opensuse-updates/2016-08/msg00095.html
github.com/roundcube/roundcubemail/commit/40d7342dd9c9bd2a1d613edc848ed95a4d71aa18#commitcomment-15294218
github.com/roundcube/roundcubemail/issues/4949
github.com/roundcube/roundcubemail/releases/tag/1.0.9
github.com/roundcube/roundcubemail/releases/tag/1.1.5
github.com/roundcube/roundcubemail/wiki/Changelog#release-115
Related
nessus
nessus
Debian DLA-537-1 : roundcube security update
2016-07-01 00:00:00
Fedora 23 : roundcubemail-1.1.5-1.fc23 (2016-69eb7f9fb2)
2016-05-02 00:00:00
Fedora 24 : roundcubemail-1.1.5-1.fc24 (2016-aff691237e)
2016-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2015-8864
2017-04-13 00:00:00
CVE-2016-4068
2017-04-13 00:00:00
cvelist
cvelist
CVE-2016-4068
2017-04-13 14:00:00
CVE-2015-8864
2017-04-13 14:00:00
openvas
openvas
Roundcube Webmail < 1.0.9, 1.1.x < 1.1.5 Multiple XSS Vulnerabilities
2017-05-08 00:00:00
Debian: Security Advisory (DLA-537-1)
2023-03-08 00:00:00
Fedora Update for roundcubemail FEDORA-2016-69
2016-05-06 00:00:00
debiancve
debiancve
CVE-2015-8864
2017-04-13 14:59:01
CVE-2016-4068
2017-04-13 14:59:01
debian
debian
[SECURITY] [DLA 537-1] roundcube security update
2016-06-30 21:18:59
prion
prion
Cross site scripting
2017-04-13 14:59:00
Cross site scripting
2017-04-13 14:59:00
cve
cve
nvd
nvd
fedora
fedora
[SECURITY] Fedora 24 Update: roundcubemail-1.1.5-1.fc24
2016-05-07 13:15:49
[SECURITY] Fedora 23 Update: roundcubemail-1.1.5-1.fc23
2016-04-30 23:54:17
[SECURITY] Fedora 22 Update: roundcubemail-1.1.5-1.fc22
2016-05-01 00:23:45
osv
osv
roundcube - security update
2016-06-30 00:00:00
mageia
mageia
Updated roundcubemail packages fix security vulnerabilities
2016-04-29 20:21:35