CVE-2009-0413

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2009-0413

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-0413.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-0413

Downstream

DEBIAN-CVE-2009-0413

Published

2009-02-03T23:30:00Z

Modified

2025-08-09T19:01:27Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.

References

http://secunia.com/advisories/33622
http://secunia.com/advisories/33827
http://www.vupen.com/english/advisories/2009/0192
http://trac.roundcube.net/changeset/2245
http://www.securityfocus.com/bid/33372
https://exchange.xforce.ibmcloud.com/vulnerabilities/48129
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00082.html

CVE-2009-0413

Affected packages