CVE-2012-4668

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2012-4668

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-4668.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2012-4668

Downstream

DEBIAN-CVE-2012-4668

UBUNTU-CVE-2012-4668

Published

2012-08-25T10:29:53Z

Modified

2026-04-10T03:43:13.326552Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.

References

https://github.com/roundcube/roundcubemail/commit/c086978f6a91eacb339fd2976202fca9dad2ef32
http://sourceforge.net/news/?group_id=139281&id=309011
http://trac.roundcube.net/ticket/1488613
http://www.openwall.com/lists/oss-security/2012/08/20/2
http://www.openwall.com/lists/oss-security/2012/08/20/9

CVE-2012-4668

Affected packages