Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Roundcube 跨站脚本漏洞
Vulnerability Description
Roundcube是一款基于浏览器的IMAP客户端(邮件客户端),它支持地址薄管理、信息搜索、拼写检查等。 Roundcube 1.1.8之前的版本和1.2.4之前的1.2.x版本中的rcube_utils.php文件存在跨站脚本漏洞。攻击者可借助特制的Cascading Style Sheets (CSS)令牌序列利用该漏洞执行任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A