EDB-30877
webappsphpVERIFIED
Roundcube Webmail 0.1 - CSS Expression Input Validation
CVE-2007-6321
Tomas Kuliavas11/10/2007
CVE-2007-6321
NONECross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via
Publicado: 12/12/2007Atualizado: 4/9/2025
Descrição
Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands.
Análise IADesenvolvido por IA
Produtos Afetados
roundcubewebmail
Exploits Disponíveis (1)
Referências
- http://openmya.hacker.jp/hasegawa/security/expression.txtExploit
- http://secunia.com/advisories/30734
- http://securityreason.com/securityalert/3435Exploit
- http://trac.roundcube.net/ticket/1484701Exploit
- http://www.securityfocus.com/archive/1/484802/100/0/threaded
- http://www.securityfocus.com/bid/26800Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38981
- http://openmya.hacker.jp/hasegawa/security/expression.txtExploit
- http://secunia.com/advisories/30734
- http://securityreason.com/securityalert/3435Exploit
- http://trac.roundcube.net/ticket/1484701Exploit
- http://www.securityfocus.com/archive/1/484802/100/0/threaded
- http://www.securityfocus.com/bid/26800Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38981