Description

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.

Remediation

References

CVE-2012-1253

Related Vulnerabilities

Jenkins Improper Input Validation Vulnerability (CVE-2015-1808)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1158)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1855)

WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.71)

Moodle CVE-2023-5551 Vulnerability (CVE-2023-5551)

Severity

Low

Classification

CVE-2012-1253 CWE-707

Tags

Missing Update Known Vulnerabilities