RoundCube Webmail '_mbox' Parameter Cross Site Scripting Vulnerability

Bugtraq ID: 49229
Class: Input Validation Error
CVE: CVE-2011-2937
CVE-2011-2937
Remote: Yes
Local: No
Published: Aug 18 2011 12:00AM
Updated: Apr 16 2015 05:48PM
Credit: <br>abyszko
Vulnerable: Roundcube Webmail 0.5.1
Roundcube Webmail 0.5 Rc
Roundcube Webmail 0.5 Beta
Roundcube Webmail 0.5
Roundcube Webmail 0.4.2
Roundcube Webmail 0.4.1
Roundcube Webmail 0.4 Beta
Roundcube Webmail 0.4
Roundcube Webmail 0.3.1
Roundcube Webmail 0.3 Rc1
Roundcube Webmail 0.3 Beta
Roundcube Webmail 0.3
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2 Beta
Roundcube Webmail 0.2 alpha
Roundcube Webmail 0.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.1 Rc2
Roundcube Webmail 0.1 Rc1
Roundcube Webmail 0.1 Beta2
Roundcube Webmail 0.1 Beta
Roundcube Webmail 0.1 Alpha
Roundcube Webmail 0.1
Round Cube RoundCube Webmail 0.5.3
Round Cube RoundCube Webmail 0.5.1
Round Cube RoundCube Webmail 0.3.1
Round Cube RoundCube Webmail 0.2.2
Round Cube RoundCube Webmail 0.5
Round Cube RoundCube Webmail 0.4-beta
Round Cube RoundCube Webmail 0.3 stable
Round Cube RoundCube Webmail 0.2-stable
Round Cube RoundCube Webmail 0.2-3 beta
Round Cube RoundCube Webmail 0.2-1 alpha
Round Cube RoundCube Webmail 0.1rc2
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable: Round Cube RoundCube Webmail 0.5.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X 10.7.3


 

Privacy Statement
Copyright 2010, SecurityFocus