CVE-2024-42008 | RoundCube up to 1.5.7/1.6.7 Content-Type Header rcmail_action_mail_get cross site scripting

Inserito da Angelo Barbosa | Ago 5, 2024 | CVE

A vulnerability classified as problematic has been found in RoundCube up to 1.5.7/1.6.7. This affects the function rcmail_action_mail_get of the component Content-Type Header Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-42008. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42008 | RoundCube up to 1.5.7/1.6.7 Content-Type Header rcmail_action_mail_get cross site scripting

Post correlati

CVE-2024-25844 | Common-Services So Flexibilite Module up to 4.1.25 on PrestaShop Debug File information disclosure

CVE-2024-3005 | LA-Studio Element Kit for Elementor Plugin up to 1.3.7.5 on WordPress LaStudioKit Post Author Widget cross site scripting

CVE-2024-10913 | Clone Plugin up to 2.4.6 on WordPress recursive_unserialized_replace code injection

CVE-2024-28432 | DedeCMS 5.7 /dede/article_edit.php cross-site request forgery