cvelistv5 - cve-2020-15562

CVE-2020-15562 (GCVE-0-2020-15562)

Vulnerability from cvelistv5 – Published: 2020-07-06 11:26 – Updated: 2024-08-04 13:22

Summary

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/roundcube/roundcubemail/releas…	x_refsource_MISC
	https://github.com/roundcube/roundcubemail/releas…	x_refsource_MISC
	https://github.com/roundcube/roundcubemail/releas…	x_refsource_MISC
	https://github.com/roundcube/roundcubemail/commit…	x_refsource_MISC
	https://www.debian.org/security/2020/dsa-4720	vendor-advisoryx_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:29.362Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
          },
          {
            "name": "DSA-4720",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4720"
          },
          {
            "name": "openSUSE-SU-2020:1516",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T17:07:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
        },
        {
          "name": "DSA-4720",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4720"
        },
        {
          "name": "openSUSE-SU-2020:1516",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15562",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7",
              "refsource": "MISC",
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14",
              "refsource": "MISC",
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11",
              "refsource": "MISC",
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82",
              "refsource": "MISC",
              "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
            },
            {
              "name": "DSA-4720",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4720"
            },
            {
              "name": "openSUSE-SU-2020:1516",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15562",
    "datePublished": "2020-07-06T11:26:09",
    "dateReserved": "2020-07-06T00:00:00",
    "dateUpdated": "2024-08-04T13:22:29.362Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.2.11\", \"matchCriteriaId\": \"59E2619C-F903-46BF-BD0F-15BF3962FCD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.3.0\", \"versionEndExcluding\": \"1.3.14\", \"matchCriteriaId\": \"3B61D09F-12E7-441A-A6E5-0F14D0782A81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.4.0\", \"versionEndExcluding\": \"1.4.7\", \"matchCriteriaId\": \"15A19F05-5C84-4252-B9E4-E12A9EB2AD8F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un problema en Roundcube Webmail versiones anteriores a 1.2.11, versiones 1.3.x anteriores a 1.3.14 y versiones 1.4.x anteriores a 1.4.7. Permite un ataque de tipo XSS por medio de un mensaje de correo electr\\u00f3nico HTML dise\\u00f1ado, como es demostrado por una carga \\u00fatil de JavaScript en el atributo xmlns (tambi\\u00e9n se conoce como espacio de nombres XML) de un elemento HEAD cuando se presenta un elemento SVG\"}]",
      "id": "CVE-2020-15562",
      "lastModified": "2024-11-21T05:05:44.210",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-07-06T12:15:10.720",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.2.11\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.3.14\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.4.7\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4720\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.2.11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.3.14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/roundcube/roundcubemail/releases/tag/1.4.7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2020/dsa-4720\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15562\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-07-06T12:15:10.720\",\"lastModified\":\"2024-11-21T05:05:44.210\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en Roundcube Webmail versiones anteriores a 1.2.11, versiones 1.3.x anteriores a 1.3.14 y versiones 1.4.x anteriores a 1.4.7. Permite un ataque de tipo XSS por medio de un mensaje de correo electr\u00f3nico HTML dise\u00f1ado, como es demostrado por una carga \u00fatil de JavaScript en el atributo xmlns (tambi\u00e9n se conoce como espacio de nombres XML) de un elemento HEAD cuando se presenta un elemento SVG\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.11\",\"matchCriteriaId\":\"59E2619C-F903-46BF-BD0F-15BF3962FCD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3.0\",\"versionEndExcluding\":\"1.3.14\",\"matchCriteriaId\":\"3B61D09F-12E7-441A-A6E5-0F14D0782A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.4.0\",\"versionEndExcluding\":\"1.4.7\",\"matchCriteriaId\":\"15A19F05-5C84-4252-B9E4-E12A9EB2AD8F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.2.11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.3.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.4.7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4720\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.2.11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.3.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/roundcube/roundcubemail/releases/tag/1.4.7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

FKIE_CVE-2020-15562

Vulnerability from fkie_nvd - Published: 2020-07-06 12:15 - Updated: 2024-11-21 05:05

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html	Broken Link
cve@mitre.org	https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82	Patch, Third Party Advisory
cve@mitre.org	https://github.com/roundcube/roundcubemail/releases/tag/1.2.11	Release Notes, Third Party Advisory
cve@mitre.org	https://github.com/roundcube/roundcubemail/releases/tag/1.3.14	Release Notes, Third Party Advisory
cve@mitre.org	https://github.com/roundcube/roundcubemail/releases/tag/1.4.7	Release Notes, Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2020/dsa-4720	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/roundcube/roundcubemail/releases/tag/1.2.11	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/roundcube/roundcubemail/releases/tag/1.3.14	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/roundcube/roundcubemail/releases/tag/1.4.7	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2020/dsa-4720	Third Party Advisory

Impacted products

Vendor	Product	Version
roundcube	webmail	*
roundcube	webmail	*
roundcube	webmail	*
debian	debian_linux	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59E2619C-F903-46BF-BD0F-15BF3962FCD5",
              "versionEndExcluding": "1.2.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B61D09F-12E7-441A-A6E5-0F14D0782A81",
              "versionEndExcluding": "1.3.14",
              "versionStartIncluding": "1.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15A19F05-5C84-4252-B9E4-E12A9EB2AD8F",
              "versionEndExcluding": "1.4.7",
              "versionStartIncluding": "1.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en Roundcube Webmail versiones anteriores a 1.2.11, versiones 1.3.x anteriores a 1.3.14 y versiones 1.4.x anteriores a 1.4.7. Permite un ataque de tipo XSS por medio de un mensaje de correo electr\u00f3nico HTML dise\u00f1ado, como es demostrado por una carga \u00fatil de JavaScript en el atributo xmlns (tambi\u00e9n se conoce como espacio de nombres XML) de un elemento HEAD cuando se presenta un elemento SVG"
    }
  ],
  "id": "CVE-2020-15562",
  "lastModified": "2024-11-21T05:05:44.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-06T12:15:10.720",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2020/dsa-4720"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

OPENSUSE-SU-2020:1516-1

Vulnerability from csaf_opensuse - Published: 2020-09-24 12:21 - Updated: 2020-09-24 12:21

Summary

Security update for roundcubemail

Notes

Title of the patch

Security update for roundcubemail

Description of the patch

This update for roundcubemail fixes the following issues: roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. (boo#1175135) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145] * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content From 1.3.14 (boo#1173792 -> CVE-2020-15562) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace From 1.3.13 * Installer: Fix regression in SMTP test section (#7417) From 1.3.12 * Security: Better fix for CVE-2020-12641 (boo#1171148) * Security: Fix XSS issue in template object 'username' (#7406) * Security: Fix couple of XSS issues in Installer (#7406) * Security: Fix cross-site scripting (XSS) via malicious XML attachment From 1.3.11 (boo#1171148 -> CVE-2020-12641 boo#1171040 -> CVE-2020-12625 boo#1171149 -> CVE-2020-12640) * Enigma: Fix compatibility with Mail_Mime >= 1.10.5 * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930) * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980) * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991) * Fix PHP warning: 'array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003) * Security: Fix XSS issue in handling of CDATA in HTML messages * Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings * Security: Fix local file inclusion (and code execution) via crafted 'plugins' option * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302) From 1.3.10 (boo#1146286) * Managesieve: Fix so 'Create filter' option does not show up when Filters menu is disabled (#6723) * Enigma: Fix bug where revoked users/keys were not greyed out in key info * Enigma: Fix error message when trying to encrypt with a revoked key (#6607) * Enigma: Fix 'decryption oracle' bug [CVE-2019-10740] (#6638) * Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785) * Fix bug where bmp images couldn't be displayed on some systems (#6728) * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744) * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758) * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746) * Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793) * Fix bug where selection of columns on messages list wasn't working * Fix bug in converting multi-page Tiff images to Jpeg (#6824) * Fix wrong messages order after returning to a multi-folder search result (#6836) * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866) * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898) * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899) * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897) * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) From 1.3.9 (boo#1115718) * Fix TinyMCE download location (#6694) * Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494) * Fix handling of empty entries in vCard import (#6564) * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577) * Fix PHP 7.2 compatibility in debug_logger plugin (#6586) * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) * Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599) * Fix missing CSRF token on a link to download too-big message part (#6621) * Fix bug when aborting dragging with ESC key didn't stop the move action (#6623) * Fix bug where next row wasn't selected after deleting a collapsed thread (#6655) From 1.3.8 * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374) * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383) * Enigma: Fix deleting keys with authentication subkeys (#6381) * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398) * Fix so Classic skin splitter does not escape out of window (#6397) * Fix XSS issue in handling invalid style tag content (#6410) * Fix compatibility with MySQL 8 - error on 'system' table use * Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422) * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419) * Fix support for 'allow-from <uri>' in 'x_frame_options' config option (#6449) * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) * Fix multiple VCard field search (#6466) * Fix session issue on long running requests (#6470) From 1.3.7 (boo#1115719) * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) * Fix bug where some parts of quota information could have been ignored (#6280) * Fix bug where some escape sequences in html styles could bypass security checks * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names * Fix bug where only attachments with the same name would be ignored on zip download (#6301) * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) * Fix bug where after 'mark all folders as read' action message counters were not reset (#6307) * Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) * Fix bug where some HTML comments could have been malformed by HTML parser (#6333)

Patchnames

openSUSE-2020-1516

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for roundcubemail",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for roundcubemail fixes the following issues:\n\nroundcubemail was upgraded to 1.3.15\n\nThis is a security update to the LTS version 1.3. (boo#1175135)\n\n  * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]\n  * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content\n\nFrom 1.3.14 (boo#1173792 -\u003e CVE-2020-15562)\n\n  * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace\n\nFrom 1.3.13\n\n  * Installer: Fix regression in SMTP test section (#7417)\n\nFrom 1.3.12\n\n  * Security: Better fix for CVE-2020-12641 (boo#1171148)\n  * Security: Fix XSS issue in template object \u0027username\u0027 (#7406)\n  * Security: Fix couple of XSS issues in Installer (#7406)\n  * Security: Fix cross-site scripting (XSS) via malicious XML attachment\n\nFrom 1.3.11 (boo#1171148 -\u003e CVE-2020-12641 boo#1171040 -\u003e CVE-2020-12625 boo#1171149 -\u003e CVE-2020-12640)\n\n  * Enigma: Fix compatibility with Mail_Mime \u003e= 1.10.5\n  * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930)\n  * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980)\n  * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991)\n  * Fix PHP warning: \u0027array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003)\n  * Security: Fix XSS issue in handling of CDATA in HTML messages\n  * Security: Fix remote code execution via crafted \u0027im_convert_path\u0027 or \u0027im_identify_path\u0027 settings\n  * Security: Fix local file inclusion (and code execution) via crafted \u0027plugins\u0027 option\n  * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302)\n\nFrom 1.3.10 (boo#1146286)\n\n  * Managesieve: Fix so \u0027Create filter\u0027 option does not show up when Filters menu is disabled (#6723)\n  * Enigma: Fix bug where revoked users/keys were not greyed out in key info\n  * Enigma: Fix error message when trying to encrypt with a revoked key (#6607)\n  * Enigma: Fix \u0027decryption oracle\u0027 bug [CVE-2019-10740] (#6638) \n  * Fix compatibility with kolab/net_ldap3 \u003e 1.0.7 (#6785)\n  * Fix bug where bmp images couldn\u0027t be displayed on some systems (#6728)\n  * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)\n  * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)\n  * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)\n  * Fix bug where Next/Prev button in mail view didn\u0027t work with multi-folder search result (#6793)\n  * Fix bug where selection of columns on messages list wasn\u0027t working\n  * Fix bug in converting multi-page Tiff images to Jpeg (#6824)\n  * Fix wrong messages order after returning to a multi-folder search result (#6836)\n  * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866)\n  * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)\n  * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)\n  * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)\n  * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)\n\nFrom 1.3.9 (boo#1115718)\n\n  * Fix TinyMCE download location (#6694)\n  * Fix bug where a message/rfc822 part without a filename wasn\u0027t listed on the attachments list (#6494)\n  * Fix handling of empty entries in vCard import (#6564)\n  * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)\n  * Fix PHP 7.2 compatibility in debug_logger plugin (#6586)\n  * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)\n  * Fix so mime_content_type check in Installer uses files that should always\n    be available (i.e. from program/resources) (#6599)\n  * Fix missing CSRF token on a link to download too-big message part (#6621)\n  * Fix bug when aborting dragging with ESC key didn\u0027t stop the move action (#6623)\n  * Fix bug where next row wasn\u0027t selected after deleting a collapsed thread (#6655)\n\nFrom 1.3.8 \n\n  * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)\n  * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383)\n  * Enigma: Fix deleting keys with authentication subkeys (#6381)\n  * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)\n  * Fix so Classic skin splitter does not escape out of window (#6397)\n  * Fix XSS issue in handling invalid style tag content (#6410)\n  * Fix compatibility with MySQL 8 - error on \u0027system\u0027 table use\n  * Managesieve: Fix bug where show_real_foldernames setting wasn\u0027t respected (#6422)\n  * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419)\n  * Fix support for \u0027allow-from \u003curi\u003e\u0027 in \u0027x_frame_options\u0027 config option (#6449)\n  * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464)\n  * Fix multiple VCard field search (#6466)\n  * Fix session issue on long running requests (#6470)\n\nFrom 1.3.7 (boo#1115719)\n\n  * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244)\n  * Fix bug where some parts of quota information could have been ignored (#6280)\n  * Fix bug where some escape sequences in html styles could bypass security checks\n  * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names\n  * Fix bug where only attachments with the same name would be ignored on zip download (#6301)\n  * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299)\n  * Fix bug where after \u0027mark all folders as read\u0027 action message counters were not reset (#6307)\n  * Enigma: [EFAIL] Don\u0027t decrypt PGP messages with no MDC protection (#6289)\n  * Fix bug where some HTML comments could have been malformed by HTML parser (#6333)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2020-1516",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1516-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2020:1516-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FA23YXQFYWKLULMWY4AOGET45U5NWC4/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2020:1516-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3FA23YXQFYWKLULMWY4AOGET45U5NWC4/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115718",
        "url": "https://bugzilla.suse.com/1115718"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115719",
        "url": "https://bugzilla.suse.com/1115719"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1146286",
        "url": "https://bugzilla.suse.com/1146286"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1171040",
        "url": "https://bugzilla.suse.com/1171040"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1171148",
        "url": "https://bugzilla.suse.com/1171148"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1171149",
        "url": "https://bugzilla.suse.com/1171149"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1173792",
        "url": "https://bugzilla.suse.com/1173792"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1175135",
        "url": "https://bugzilla.suse.com/1175135"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10740 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12625 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12625/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12640 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12640/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12641 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12641/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15562 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15562/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-16145 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-16145/"
      }
    ],
    "title": "Security update for roundcubemail",
    "tracking": {
      "current_release_date": "2020-09-24T12:21:24Z",
      "generator": {
        "date": "2020-09-24T12:21:24Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2020:1516-1",
      "initial_release_date": "2020-09-24T12:21:24Z",
      "revision_history": [
        {
          "date": "2020-09-24T12:21:24Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
                "product": {
                  "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
                  "product_id": "roundcubemail-1.3.15-bp152.4.3.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP1",
                "product": {
                  "name": "SUSE Package Hub 15 SP1",
                  "product_id": "SUSE Package Hub 15 SP1"
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP2",
                "product": {
                  "name": "SUSE Package Hub 15 SP2",
                  "product_id": "SUSE Package Hub 15 SP2"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.1",
                "product": {
                  "name": "openSUSE Leap 15.1",
                  "product_id": "openSUSE Leap 15.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.2",
                "product": {
                  "name": "openSUSE Leap 15.2",
                  "product_id": "openSUSE Leap 15.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        },
        "product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        },
        "product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        },
        "product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "roundcubemail-1.3.15-bp152.4.3.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        },
        "product_reference": "roundcubemail-1.3.15-bp152.4.3.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10740",
          "url": "https://www.suse.com/security/cve/CVE-2019-10740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131801 for CVE-2019-10740",
          "url": "https://bugzilla.suse.com/1131801"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2019-10740",
          "url": "https://bugzilla.suse.com/1175135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-10740"
    },
    {
      "cve": "CVE-2020-12625",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12625"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12625",
          "url": "https://www.suse.com/security/cve/CVE-2020-12625"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171040 for CVE-2020-12625",
          "url": "https://bugzilla.suse.com/1171040"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2020-12625",
          "url": "https://bugzilla.suse.com/1175135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-12625"
    },
    {
      "cve": "CVE-2020-12640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12640",
          "url": "https://www.suse.com/security/cve/CVE-2020-12640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171149 for CVE-2020-12640",
          "url": "https://bugzilla.suse.com/1171149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2020-12640",
          "url": "https://bugzilla.suse.com/1175135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-12640"
    },
    {
      "cve": "CVE-2020-12641",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12641"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12641",
          "url": "https://www.suse.com/security/cve/CVE-2020-12641"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171148 for CVE-2020-12641",
          "url": "https://bugzilla.suse.com/1171148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2020-12641",
          "url": "https://bugzilla.suse.com/1175135"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226069 for CVE-2020-12641",
          "url": "https://bugzilla.suse.com/1226069"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-12641"
    },
    {
      "cve": "CVE-2020-15562",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15562"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15562",
          "url": "https://www.suse.com/security/cve/CVE-2020-15562"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173792 for CVE-2020-15562",
          "url": "https://bugzilla.suse.com/1173792"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2020-15562",
          "url": "https://bugzilla.suse.com/1175135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-15562"
    },
    {
      "cve": "CVE-2020-16145",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-16145"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
          "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-16145",
          "url": "https://www.suse.com/security/cve/CVE-2020-16145"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1175135 for CVE-2020-16145",
          "url": "https://bugzilla.suse.com/1175135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "SUSE Package Hub 15 SP2:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.1:roundcubemail-1.3.15-bp152.4.3.1.noarch",
            "openSUSE Leap 15.2:roundcubemail-1.3.15-bp152.4.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-09-24T12:21:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-16145"
    }
  ]
}

CNVD-2021-17781

Vulnerability from cnvd - Published: 2021-03-16

Title

Roundcube Webmail跨站脚本漏洞（CNVD-2021-17781）

Description

Roundcube Webmail是一款基于浏览器的开源IMAP客户端，它支持地址薄管理、信息搜索、拼写检查等。 Roundcube Webmail 1.2.11之前版本、1.3.14之前的1.3.x版本和1.4.7之前的1.4.x版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

Severity

中

Patch Name

Roundcube Webmail跨站脚本漏洞（CNVD-2021-17781）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-15562

Impacted products

Name
['RoundCube Webmail <1.2.11', 'RoundCube Webmail 1.3.，<1.3.14', 'RoundCube Webmail 1.4.，<1.4.7']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15562"
    }
  },
  "description": "Roundcube Webmail\u662f\u4e00\u6b3e\u57fa\u4e8e\u6d4f\u89c8\u5668\u7684\u5f00\u6e90IMAP\u5ba2\u6237\u7aef\uff0c\u5b83\u652f\u6301\u5730\u5740\u8584\u7ba1\u7406\u3001\u4fe1\u606f\u641c\u7d22\u3001\u62fc\u5199\u68c0\u67e5\u7b49\u3002\n\nRoundcube Webmail 1.2.11\u4e4b\u524d\u7248\u672c\u30011.3.14\u4e4b\u524d\u76841.3.x\u7248\u672c\u548c1.4.7\u4e4b\u524d\u76841.4.x\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eWEB\u5e94\u7528\u7f3a\u5c11\u5bf9\u5ba2\u6237\u7aef\u6570\u636e\u7684\u6b63\u786e\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-17781",
  "openTime": "2021-03-16",
  "patchDescription": "Roundcube Webmail\u662f\u4e00\u6b3e\u57fa\u4e8e\u6d4f\u89c8\u5668\u7684\u5f00\u6e90IMAP\u5ba2\u6237\u7aef\uff0c\u5b83\u652f\u6301\u5730\u5740\u8584\u7ba1\u7406\u3001\u4fe1\u606f\u641c\u7d22\u3001\u62fc\u5199\u68c0\u67e5\u7b49\u3002\r\n\r\nRoundcube Webmail 1.2.11\u4e4b\u524d\u7248\u672c\u30011.3.14\u4e4b\u524d\u76841.3.x\u7248\u672c\u548c1.4.7\u4e4b\u524d\u76841.4.x\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eWEB\u5e94\u7528\u7f3a\u5c11\u5bf9\u5ba2\u6237\u7aef\u6570\u636e\u7684\u6b63\u786e\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Roundcube Webmail\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2021-17781\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "RoundCube Webmail \u003c1.2.11",
      "RoundCube Webmail 1.3.*\uff0c\u003c1.3.14",
      "RoundCube Webmail 1.4.*\uff0c\u003c1.4.7"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-15562",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-07",
  "title": "Roundcube Webmail\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2021-17781\uff09"
}

GHSA-7GRQ-WWVX-8JCV

Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2023-01-20 21:30

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-15562"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-06T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.",
  "id": "GHSA-7grq-wwvx-8jcv",
  "modified": "2023-01-20T21:30:27Z",
  "published": "2022-05-24T17:22:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15562"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4720"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2020-15562

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-15562

Aliases

CVE-2020-15562

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-15562",
    "description": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.",
    "id": "GSD-2020-15562",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-15562.html",
      "https://www.debian.org/security/2020/dsa-4720",
      "https://ubuntu.com/security/CVE-2020-15562"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-15562"
      ],
      "details": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.",
      "id": "GSD-2020-15562",
      "modified": "2023-12-13T01:21:44.072902Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2020-15562",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7",
            "refsource": "MISC",
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
          },
          {
            "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14",
            "refsource": "MISC",
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
          },
          {
            "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11",
            "refsource": "MISC",
            "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
          },
          {
            "name": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82",
            "refsource": "MISC",
            "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
          },
          {
            "name": "DSA-4720",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2020/dsa-4720"
          },
          {
            "name": "openSUSE-SU-2020:1516",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.4.7",
                "versionStartIncluding": "1.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.3.14",
                "versionStartIncluding": "1.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.2.11",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15562"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"
            },
            {
              "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"
            },
            {
              "name": "DSA-4720",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4720"
            },
            {
              "name": "openSUSE-SU-2020:1516",
              "refsource": "SUSE",
              "tags": [
                "Broken Link"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2023-01-20T20:26Z",
      "publishedDate": "2020-07-06T12:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-15562 (GCVE-0-2020-15562)

FKIE_CVE-2020-15562

OPENSUSE-SU-2020:1516-1

CNVD-2021-17781

GHSA-7GRQ-WWVX-8JCV

GSD-2020-15562

Tags

Sightings

Nomenclature