Lucene search
PRIOn knowledge basePRION:CVE-2021-46144HistoryJan 06, 2022 - 5:15 a.m.
Design/Logic Flaw
2022-01-0605:15:00
PRIOn knowledge base
www.prio-n.com
7
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| roundcube | ge | 1.5.0 | |
| roundcube | lt | 1.5.2 | |
| roundcube | lt | 1.4.13 |
References
bugs.debian.org/1003027
github.com/roundcube/roundcubemail/commit/8894fddd59b770399eed4ef8d4da5773913b5bf0
github.com/roundcube/roundcubemail/commit/b2400a4b592e3094b6c84e6000d512f99ae0eed8
lists.debian.org/debian-lts-announce/2022/01/msg00005.html
roundcube.net/news/2021/12/30/security-update-1.4.13-released
roundcube.net/news/2021/12/30/update-1.5.2-released
www.debian.org/security/2022/dsa-5037
Related
openvas
openvas
Roundcube Webmail < 1.4.13, 1.5.x < 1.5.2 XSS Vulnerability
2022-01-11 00:00:00
Debian: Security Advisory (DSA-5037-1)
2022-01-09 00:00:00
Debian: Security Advisory (DLA-2878-1)
2022-01-13 00:00:00
osv
osv
roundcube - security update
2022-01-12 00:00:00
roundcube - security update
2022-01-08 00:00:00
CVE-2021-46144
2022-01-06 05:15:09
cve
cve
CVE-2021-46144
2022-01-06 05:15:09
ubuntucve
ubuntucve
CVE-2021-46144
2022-01-06 00:00:00
cnvd
cnvd
Roundcube Webmail Cross-Site Scripting Vulnerability (CNVD-2022-09795)
2022-01-10 00:00:00
debian
debian
[SECURITY] [DSA 5037-1] roundcube security update
2022-01-08 09:58:01
[SECURITY] [DLA 2878-1] roundcube security update
2022-01-12 15:39:17
nessus
nessus
Debian DLA-2878-1 : roundcube - LTS security update
2022-01-12 00:00:00
Debian DSA-5037-1 : roundcube - security update
2022-01-09 00:00:00
nvd
nvd
CVE-2021-46144
2022-01-06 05:15:09
debiancve
debiancve
CVE-2021-46144
2022-01-06 05:15:09
cvelist
cvelist
CVE-2021-46144
2022-01-06 04:08:32
ubuntu
ubuntu
Roundcube Webmail vulnerabilities
2022-08-08 00:00:00