CVE-2023-5631
Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability
Severity Score
5.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker
to load arbitrary JavaScript code.
Roundcube anterior a 1.4.15, 1.5.x anterior a 1.5.5 y 1.6.x anterior a 1.6.4 permiten almacenar XSS a través de un mensaje de correo electrónico HTML con un documento SVG manipulado debido al comportamiento de program/lib/Roundcube/rcube_washtml.php. Esto podría permitir que un atacante remoto cargue código JavaScript arbitrario.
Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.
*Credits:
Matthieu Faou, Denys Klymenko, Aleksander Machniak
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-10-18 CVE Reserved
- 2023-10-18 CVE Published
- 2023-10-26 Exploited in Wild
- 2023-11-16 KEV Due Date
- 2024-04-05 First Exploit
- 2024-08-02 CVE Updated
- 2024-10-24 EPSS Updated
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
- CAPEC-592: Stored XSS
References (16)
| URL | Date | SRC |
|---|---|---|
| https://github.com/soreta2/CVE-2023-5631-POC | 2024-04-05 | |
| https://github.com/roundcube/roundcubemail/issues/9168 | 2024-08-02 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Roundcube Search vendor "Roundcube" | Webmail Search vendor "Roundcube" for product "Webmail" | < 1.4.15 Search vendor "Roundcube" for product "Webmail" and version " < 1.4.15" | - |
Affected
| ||||||
| Roundcube Search vendor "Roundcube" | Webmail Search vendor "Roundcube" for product "Webmail" | >= 1.5.0 < 1.5.5 Search vendor "Roundcube" for product "Webmail" and version " >= 1.5.0 < 1.5.5" | - |
Affected
| ||||||
| Roundcube Search vendor "Roundcube" | Webmail Search vendor "Roundcube" for product "Webmail" | >= 1.6.0 < 1.6.4 Search vendor "Roundcube" for product "Webmail" and version " >= 1.6.0 < 1.6.4" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 12.0 Search vendor "Debian" for product "Debian Linux" and version "12.0" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 39 Search vendor "Fedoraproject" for product "Fedora" and version "39" | - |
Affected
| ||||||