CVE-2012-1253 — Cross-site Scripting in Webmail
Severity
2.6LOWNVD
EPSS
0.3%
top 51.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 4
Latest updateMay 17
Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.
CVSS vector
AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9
Affected Packages1 packages
🔴Vulnerability Details
3GHSA▶
GHSA-3mvr-3jc2-mgf4: Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0↗2022-05-17
OSV
▶
CVEList
▶