CVE-2024-42008 in RoundCubeinfo

Zusammenfassung

von MITRE • 05.08.2024

A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Zuständig

MITRE

Reservieren

26.07.2024

Veröffentlichung

05.08.2024

Moderieren

akzeptiert

Eintrag

VDB-273645

CPE

bereit

EPSS

0.33894

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!