Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Roundcube Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-1253 - Vulnerability Database
Roundcube

Roundcube Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2012-1253

Low
Reference: CVE-2012-1253
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-1253
Title: Roundcube Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7 when Internet Explorer is used allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.