Description

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.

Remediation

References

CVE-2012-6121

Related Vulnerabilities

Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)

WordPress Plugin Ultimate Coming Soon, Maintenance Mode for WordPress-Everest Coming Soon Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)

WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights Cross-Site Scripting (7.1.0)

Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9465)

Severity

Medium

Classification

CVE-2012-6121 CWE-707

Tags

Missing Update Known Vulnerabilities