Shodan
Vulnerabilities
Vulnerable Software
Roundcube:  >> Webmail  >> 1.5.4  Security Vulnerabilities
CVE-2023-47272
Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposition header (used for attachment preview or download).
CVSS Score
6.1
EPSS Score
0.006
Published
2023-11-06
CVE-2023-5631
Known exploited
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.709
Published
2023-10-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved