Map Area - Persistent XSS Vulnerability in mail content page, please confirm. #5240
alecpl added a commit that referenced this issue May 6, 2016
No CVE assigned?

That's likely CVE-2016-4552

... and also CVE-2016-5103

@thomascube Thank you and have a nice weekend.
Steps to reproduce:
- Compose email content via HTML mode. You can use an email sending tool or other webmail to send it. The HTML content is below:
<img src=# usemap=#foo width=100%><map name="foo"><area href=javascript:alert(document.domain) shape=default>
- Send the mail to the Roundcube mail system
- Log in to the Roundcube mail system and open the received mail
- Click the area near the image in the content. The XSS will be triggered

The vulnerability can be triggered in Chrome, Firefox, Safari.
The tested Roundcube webmail version is 1.1.5. Link is below:
https://github.com/roundcube/roundcubemail/releases/download/1.1.5/roundcubemail-1.1.5-complete.tar.gz
The test screenshot link: http://pan.baidu.com/s/1nvQt9Eh
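
A defensive check for the case reported above, as an added example that is not part of the original issue or of Roundcube's code: it audits every URL-bearing attribute in an HTML mail body, including `href` on `<area>`, against a scheme allowlist. The function names, `URL_ATTRS` and `SAFE_SCHEMES` are assumptions chosen for illustration.

```python
import re
from html.parser import HTMLParser

# Attributes a browser treats as a URL to navigate to or load (assumed list).
URL_ATTRS = {"href", "src", "action", "formaction", "background", "poster", "xlink:href"}
# Assumed allowlist for mail content; adjust to local policy.
SAFE_SCHEMES = {"http", "https", "mailto", "cid"}
SCHEME_RE = re.compile(r"^([a-z][a-z0-9+.\-]*):", re.I)
LEADING_JUNK = "".join(map(chr, range(0x21)))  # C0 control characters and space

# Sample input: the HTML from the report above.
REPORTED_HTML = ('<img src=# usemap=#foo width=100%><map name="foo">'
                 '<area href=javascript:alert(document.domain) shape=default>')


def url_scheme(value):
    """Return the lower-cased scheme as a browser would read it, or None if relative."""
    # Browsers drop tab/CR/LF anywhere in a URL and skip leading controls/spaces,
    # so normalise the same way before looking for "scheme:".
    cleaned = re.sub(r"[\t\r\n]", "", value).lstrip(LEADING_JUNK)
    match = SCHEME_RE.match(cleaned)
    return match.group(1).lower() if match else None


class UrlAttrAuditor(HTMLParser):
    """Collects (tag, attribute, scheme) for every URL attribute off the allowlist."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases names and decodes character references in values,
        # so entity-encoded schemes are seen in their decoded form here.
        for name, value in attrs:
            if name in URL_ATTRS and value:
                scheme = url_scheme(value)
                if scheme is not None and scheme not in SAFE_SCHEMES:
                    self.findings.append((tag, name, scheme))


def audit_mail_html(html):
    """Return the list of disallowed URL attributes found in an HTML mail body."""
    auditor = UrlAttrAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings
```

The check is tag-agnostic on purpose: a filter that only inspects `<a href>` would pass the `<area>` element from the report.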