CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 1CVE-2020-12626 – Debian Security Advisory 4674-1
https://notcve.org/view.php?id=CVE-2020-12626
04 May 2020 — An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered. Se detectó un problema en Roundcube Webmail versiones anteriores a 1.4.4. Un ataque de tipo CSRF puede causar que un usuario autenticado cierre sesión porque POST no se consideró. It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. • https://github.com/roundcube/roundcubemail/commit/9bbda422ff0b782b81de59c86994f1a5fd93f8e6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15237
https://notcve.org/view.php?id=CVE-2019-15237
20 Aug 2019 — Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. Roundcube Webmail versiones hasta 1.3.9, maneja inapropiadamente los nombres de dominio Punycode xn--, conllevando a ataques homográficos. • https://github.com/roundcube/roundcubemail/issues/6891 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-10740
https://notcve.org/view.php?id=CVE-2019-10740
07 Apr 2019 — In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. En Roundcube Webmail en versiones... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19205
https://notcve.org/view.php?id=CVE-2018-19205
12 Nov 2018 — Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php. Roundcube en versiones anteriores a la 1.3.7 gestiona de manera incorrecta las advertencias de integridad/protección GnuPG MDC, lo que facilita que los atacantes obtengan información sensible. Esto está relacionado con CVE-2017-17688. Esto está asociado con plugins... • https://github.com/roundcube/roundcubemail/releases/tag/1.3.7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 2%CPEs: 2EXPL: 0CVE-2018-19206 – Debian Security Advisory 4344-1
https://notcve.org/view.php?id=CVE-2018-19206
12 Nov 2018 — steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment. steps/mail/func.inc en Roundcube en versiones anteriores a la 1.3.8 tiene Cross-Site Scripting (XSS) mediante el uso manipulado de Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. • https://github.com/roundcube/roundcubemail/releases/tag/1.3.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 1%CPEs: 12EXPL: 1CVE-2017-17688
https://notcve.org/view.php?id=CVE-2017-17688
16 May 2018 — The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification ** EN DISPUTA ** La especificación OpenPGP permite un ataque malleability-gadget Cipher Feedback Mode (CFB) que puede conducir indirectamente a la exfiltra... • http://flaked.sockpuppet.org/2018/05/16/a-unified-timeline.html •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9846 – Debian Security Advisory 4181-1
https://notcve.org/view.php?id=CVE-2018-9846
07 Apr 2018 — In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism. En Roundcube, de las versiones 1.2.0 a 1.3.5, con el plugin arc... • https://github.com/roundcube/roundcubemail/issues/6229 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-1000071
https://notcve.org/view.php?id=CVE-2018-1000071
13 Mar 2018 — roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. roundcube, en versiones 1.3.4 y anteriores, contiene una vulnerabilidad de permisos inseguros en el plugin enigma que puede resultar en la exfiltración de la clave privada gpgp. Este ataque parece ser explotable mediante conectividad de red. • https://github.com/roundcube/roundcubemail/issues/6173 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 28%CPEs: 13EXPL: 5CVE-2017-16651 – Roundcube Webmail File Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16651
09 Nov 2017 — Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests. Roundcube Webmail, en versiones a... • https://packetstorm.news/files/id/180675 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.1EPSS: 2%CPEs: 4EXPL: 0CVE-2015-5381
https://notcve.org/view.php?id=CVE-2015-5381
23 May 2017 — Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. Vulnerabilidad de tipo Cross-site scripting (XSS) en program/include/rcmail.php en Roundcube Webmail, versiones 1.1.x anteriores a la 1.1.2, que permitiría a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro _mbox en la URI por defecto. • http://trac.roundcube.net/ticket/1490417 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •