CVE-2020-13964 – Debian Security Advisory 4700-1
https://notcve.org/view.php?id=CVE-2020-13964
09 Jun 2020 — An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object. Se detectó un problema en Roundcube Webmail versiones anteriores a 1.3.12. En el archivo include/rcmail_output_html.php permite un ataque de tipo XSS por medio del objeto de plantilla de nombre de usuario Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process ... • https://github.com/roundcube/roundcubemail/commit/37e2bc745723ef6322f0f785aefd0b9313a40f19 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-13965 – Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2020-13965
09 Jun 2020 — An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview. Se detectó un problema en Roundcube Webmail versiones anteriores a 1.3.12. Se presenta una vulnerabilidad de tipo XSS por medio de un archivo adjunto XML malicioso porque text/xml se encuentra entre los tipos permitidos para una vista previa Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX bas... • https://github.com/mbadanoiu/CVE-2020-13965 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVE-2020-12640
https://notcve.org/view.php?id=CVE-2020-12640
04 May 2020 — Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php. Roundcube Webmail versiones anteriores a la versión 1.4.4, permite a atacantes incluir archivos locales y ejecutar código por medio de un salto de directorio en un nombre de plugin en archivo rcube_plugin_api.php. • https://github.com/mbadanoiu/CVE-2020-12640 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-12641 – Roundcube Webmail Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-12641
04 May 2020 — rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. El archivo rcube_image.php en Roundcube Webmail versiones anteriores a la versión 1.4.4, permite a atacantes ejecutar código arbitrario por medio de metacaracteres de shell en un ajuste de configuración para im_convert_path o im_identify_path. Roundcube Webmail contains an remote code execution vulnerability that allows atta... • https://github.com/mbadanoiu/CVE-2020-12641 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-12625 – Debian Security Advisory 4674-1
https://notcve.org/view.php?id=CVE-2020-12625
04 May 2020 — An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message. Se detectó un problema en Roundcube Webmail versiones anteriores a 1.4.4. Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo rcube_washtml.php porque el código JavaScript puede aparecer en el CDATA de un mensaje HTML. It was discovered that roundcube, a skinnable AJAX based webmail s... • https://github.com/mbadanoiu/CVE-2020-12625 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-12626 – Debian Security Advisory 4674-1
https://notcve.org/view.php?id=CVE-2020-12626
04 May 2020 — An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered. Se detectó un problema en Roundcube Webmail versiones anteriores a 1.4.4. Un ataque de tipo CSRF puede causar que un usuario autenticado cierre sesión porque POST no se consideró. It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. • https://github.com/roundcube/roundcubemail/commit/9bbda422ff0b782b81de59c86994f1a5fd93f8e6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-13389
https://notcve.org/view.php?id=CVE-2019-13389
20 Mar 2020 — RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header. RainLoop Webmail versiones anteriores a 1.13.0, carece de mecanismos de protección de XSS, tal y como xlink: comprobación de href, el encabezado X-XSS-Protection y el encabezado Content-Security-Policy. • https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-15237
https://notcve.org/view.php?id=CVE-2019-15237
20 Aug 2019 — Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. Roundcube Webmail versiones hasta 1.3.9, maneja inapropiadamente los nombres de dominio Punycode xn--, conllevando a ataques homográficos. • https://github.com/roundcube/roundcubemail/issues/6891 •
CVE-2019-10740
https://notcve.org/view.php?id=CVE-2019-10740
07 Apr 2019 — In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. En Roundcube Webmail en versiones... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2018-19206 – Debian Security Advisory 4344-1
https://notcve.org/view.php?id=CVE-2018-19206
12 Nov 2018 — steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment. steps/mail/func.inc en Roundcube en versiones anteriores a la 1.3.8 tiene Cross-Site Scripting (XSS) mediante el uso manipulado de Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. • https://github.com/roundcube/roundcubemail/releases/tag/1.3.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •