关联漏洞
标题:
Roundcube Webmail 跨站脚本漏洞
(CVE-2020-13965)
描述:Roundcube Webmail是一款基于浏览器的开源IMAP客户端,它支持地址薄管理、信息搜索、拼写检查等。 Roundcube Webmail 1.3.12之前版本和1.4.5之前的1.4.x版本中存在跨站脚本漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
描述
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
介绍
# CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
A Cross-Site scripting (XSS) vulnerability exists in Roundcube versions before 1.4.5 and 1.3.12.
By leveraging the parsing of "text/xml" attachment, an attacker can bypass the Roundcube script filter and execute arbitrary malicious JavaScript in the victim's browser when the malicious attachment is clicked/previewed.
### Vendor Disclosure:
The vendor's disclosure and fix for this vulnerability can be found [here](https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12).
### Requirements:
This vulnerability requires:
<br/>
- Waiting for a Roundcube user to open the attachment containg the XSS
### Proof Of Concept:
More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2020-13965/blob/main/Roundcube%20Disclosures%20-%20CVE-2020-13965.pdf).
文件快照
[4.0K] /data/pocs/bfa1dc06bef71f1993fa8c0e3488697ad1f07a40
├── [ 909] README.md
└── [482K] Roundcube Disclosures - CVE-2020-13965.pdf
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。