XSS via _mbox-parameter in Roundcube v.1.1.1 #4837
Closed
Reported by sroesemann on 30 May 2015 11:30 UTC as Trac ticket #1490417
The XSS-vulnerability can be triggered by appending malicious script code to the _mbox-parameter. The following example will pop an alert box:
https://{YOURSERVER}/?_task=mail&_mbox=INBOX%22%3E%3Cscript%3Ealert(%22Roundcube+v1.1.1+XSS%22)%3C%2Fscript%3E
Attackers could use this vulnerability to steal cookies or extract email-content.
Used browsers: Mozilla Firefox v. 38.0.1, Apple Safari 8.0.6 on Mac OSX 10.10.
Keywords: XSS, Vulnerability
Migrated-From: http://trac.roundcube.net/ticket/1490417
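An added example, not part of the original report and not Roundcube's own code: a log check that URL-decodes the `_mbox` parameter and flags values carrying markup characters, plus the attribute encoding that neutralizes the reported value. The log lines are constructed, and the hidden-input sink is an assumption, since the report does not say where the value is reflected. Legitimate folder names can occasionally contain quotes, so treat hits as leads to review.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (not from the report); IPs are documentation placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/May/2015:11:02:11 +0000] "GET /?_task=mail&_mbox=INBOX HTTP/1.1" 200 5120',
    '192.0.2.44 - - [30/May/2015:11:29:03 +0000] "GET /?_task=mail&_mbox=INBOX%22%3E%3Cscript%3Ealert(%22Roundcube+v1.1.1+XSS%22)%3C%2Fscript%3E HTTP/1.1" 200 5344',
    '192.0.2.10 - - [30/May/2015:11:31:40 +0000] "GET /?_task=mail&_mbox=Archive%2F2015 HTTP/1.1" 200 4987',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
MARKUP_CHARS = set('<>"\'')  # characters that can close an attribute or open a tag


def mbox_values(log_line):
    """Return the URL-decoded _mbox values found in one access-log line."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    query = urlsplit(m.group(1)).query
    return parse_qs(query, keep_blank_values=True).get("_mbox", [])


def suspicious_mbox(log_lines):
    """Return (line_number, decoded_value) for _mbox values carrying markup characters."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for value in mbox_values(line):
            if MARKUP_CHARS & set(value):
                hits.append((n, value))
    return hits


def render_mbox_attribute(value):
    """Encode the value for a double-quoted HTML attribute (assumed sink, hypothetical markup)."""
    return '<input type="hidden" name="_mbox" value="%s">' % html.escape(value, quote=True)


if __name__ == "__main__":
    for n, value in suspicious_mbox(SAMPLE_LOG):
        print("line %d: %r" % (n, value))
        print("  encoded:", render_mbox_attribute(value))
```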