Description

Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.

Remediation

References

CVE-2012-4668

Related Vulnerabilities

MySQL CVE-2016-9841 Vulnerability (CVE-2016-9841)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.4.37.727)

WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)

WebLogic CVE-2020-2766 Vulnerability (CVE-2020-2766)

XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-29253)

Severity

Medium

Classification

CVE-2012-4668 CWE-707

Tags

Missing Update Known Vulnerabilities