CVE-2017-6820 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Cross-site scripting |
Description | It has been discovered that rcube_utils.php in Roundcube before 1.1.8 and before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-199 | roundcubemail | 1.2.3-1 | 1.2.4-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
14 Mar 2017 | ASA-201703-10 | AVG-199 | roundcubemail | Medium | cross-site scripting |