CVE-2007-6321
- Source
- https://cve.org/CVERecord?id=CVE-2007-6321
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2007-6321.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2007-6321
- Downstream
- Published
- 2007-12-12T01:46:00Z
- Modified
- 2026-04-10T03:39:27.358240Z
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands.
- References
-
- http://secunia.com/advisories/30734
- http://openmya.hacker.jp/hasegawa/security/expression.txt
- http://securityreason.com/securityalert/3435
- http://trac.roundcube.net/ticket/1484701
- http://www.securityfocus.com/bid/26800
- http://www.securityfocus.com/archive/1/484802/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38981