CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Roundcube: >> Webmail >> 0.7.1 Security Vulnerabilities

CVE-2012-3507

Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject.

CVSS Score

2.6

EPSS Score

0.004

Published

2012-08-25

Page 5

Vulnerabilities

Vulnerable Software

Roundcube: >> Webmail >> 0.7.1 Security Vulnerabilities

Products

Pricing

Contact Us