CVE-2012-3508

EPSS 8.1%

發布日:2012/8/25修改日:2026/5/29

也稱為:DEBIAN-CVE-2012-3508

描述

Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribute in the body of an HTML-formatted email.

受影響套件(1)

Debian/roundcubefrom 0, < 0.7.2-4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-3508