XSS within _mbox parameter #3469

rcubetrac · 2011-08-09T10:37:42Z

Reported by abyszko on 9 Aug 2011 10:37 UTC as Trac ticket #1488030

During one of pen-tests I found that _mbox parameter is not properly sanitized and reflected XSS attack is possible - example

I verified this on 0.5.2 and latest version from trunk.

rcubetrac · 2011-08-09T13:48:54Z

Comment by @alecpl on 9 Aug 2011 13:48 UTC

I'm unable to reproduce.

rcubetrac · 2011-08-09T13:48:54Z

Milestone changed by @alecpl on 9 Aug 2011 13:48 UTC

later => 0.6-beta

rcubetrac · 2011-08-09T14:03:37Z

Comment by abyszko on 9 Aug 2011 14:03 UTC

Are you authenticated?

rcubetrac · 2011-08-09T17:37:49Z

Comment by phs on 9 Aug 2011 17:37 UTC

Could reproduce it (see attachment "screenshot.png").

rcubetrac · 2011-08-09T18:41:33Z

Comment by @alecpl on 9 Aug 2011 18:41 UTC

I think 8dd172a fixes the issue.

rcubetrac · 2011-08-09T18:41:33Z

Status changed by @alecpl on 9 Aug 2011 18:41 UTC

new => closed

rcubetrac closed this Aug 9, 2011

rcubetrac added bug C: Security P2 labels Mar 20, 2016

rcubetrac added this to the 0.6-beta milestone Mar 20, 2016

roundcube / roundcubemail