[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE Request: roundcube: XSS vulnerability in mail content page
From: cve-assign () mitre ! org
Date: 2016-05-26 18:18:56
Message-ID: 20160526181856.014BE7BC0A1 () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> Fix XSS issue in href attribute on area tag (#5240)
> https://github.com/roundcube/roundcubemail/issues/5240
> https://github.com/roundcube/roundcubemail/pull/5241
>
> <img src=# usemap=#foo width=100%><map name="foo"><area href=[XSS] shape=default>
Use CVE-2016-5103.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXRzsvAAoJEHb/MwWLVhi2KlcQAK5YCa0J9EAyeVL8wtTL5fQd
ZULIXbjQ5jFSR/FP0zh7BFtpWPZCcfEsUcuxW2fC76NStQyeypLMBbGo+z0GMe0v
O0QmN1Jdk7DqpPo/g3nfX8v5S0XJdUNEXOXIgfB6RXGYLP6+j9uX5ZOgVIjFvXSi
XSrzh2YcDfuytqxZoUJkpgtfz8OGaSoJWRdC6MoF2ytmuZ9suB7OowKQyNRLszO+
dGeEh7T+MxepmDGTF3AQ0ssm7g7wEyC6ojBqsMdmZCVFbR84brDB8wc4ZWQYkI3e
ap0e/7dHyfzAzV3GN6BYvaz0rr/Wci8URQV+bRkObpRj8cKqAs/m2eaXOONxgCzn
Lw6WS4pVdgIFemvKV+Du/hewUHgo60g7dKQ1cw13UVO+VcQNv50wBpoc+W0KLR1r
hYAwEjN3V+pNvQZ+zNsO7IG2cVzGFWSBH3/amK9bAC3PZXRyY4bAbhF0GTEidgV5
f/qH8O4Y7TLHXunDwSStPtPpS94G6mHsOKaeHYdWODSs+2alJn+1MioLcAFdYq7G
sQ8QI4GoCN0JzVYMPMfTklByAtIrxG9cbpLa/X+/xSsbbXlIk+BJbGTD0Uz8iK4R
84J05w1ErGlJ0lphq5VfZbRIeM2wpLiVh58XAmiu7fh4+Z+JJpVR9ZzAdbS7TTj+
pkXD/GkrGu3Omjv8JSVl
=HbY0
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic