Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RoundCube Webmail 安全漏洞
Vulnerability Description
RoundCube Webmail是一款基于浏览器的IMAP客户端(邮件客户端),它支持地址薄管理、信息搜索、拼写检查等。 Roundcube Webmail中存在安全漏洞。攻击者可利用该漏洞重置任意密码。以下版本受到影响:Roundcube Webmail 1.0.11之前的版本、1.1.9之前的1.1.x版本、1.2.5之前的1.2.x版本。
CVSS Information
N/A
Vulnerability Type
N/A