Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2012-6121

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.

  • Published: Feb 24, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-6121
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
roundcube / webmail 0.5.2 0.5.2.x
roundcube / webmail 0.5.4 0.5.4.x
roundcube / webmail 0.1-rc1 0.1-rc1.x
roundcube / webmail 0.4 0.4.x
roundcube / webmail 0.1-beta2 0.1-beta2.x
roundcube / webmail 0.1-beta 0.1-beta.x
roundcube / webmail 0.3-rc1 0.3-rc1.x
roundcube / webmail 0.5-rc 0.5-rc.x
roundcube / webmail 0.8.3 0.8.3.x
roundcube / webmail 0.2-stable 0.2-stable.x
roundcube / webmail 0.2-alpha 0.2-alpha.x
roundcube / webmail 0.8.1 0.8.1.x
roundcube / webmail 0.1-rc2 0.1-rc2.x
roundcube / webmail 0.3-beta 0.3-beta.x
roundcube / webmail 0.1-stable 0.1-stable.x
roundcube / webmail 0.7 0.7.x
roundcube / webmail 0.5-beta 0.5-beta.x
roundcube / webmail 0.4.2 0.4.2.x
roundcube / webmail 0.8.0 0.8.0.x
roundcube / webmail 0.8.2 0.8.2.x
roundcube / webmail - 0.8.4.x
roundcube / webmail 0.5.1 0.5.1.x
roundcube / webmail 0.7.2 0.7.2.x
roundcube / webmail 0.6 0.6.x
roundcube / webmail 0.2.2 0.2.2.x
roundcube / webmail 0.3 0.3.x
roundcube / webmail 0.1.1 0.1.1.x
roundcube / webmail 0.4-beta 0.4-beta.x
roundcube / webmail 0.7.3 0.7.3.x
roundcube / webmail 0.4.1 0.4.1.x
roundcube / webmail 0.7.1 0.7.1.x
roundcube / webmail 0.2 0.2.x
roundcube / webmail 0.5.3 0.5.3.x
roundcube / webmail 0.2-beta 0.2-beta.x
roundcube / webmail 0.3.1 0.3.1.x
roundcube / webmail 0.5 0.5.x
roundcube / webmail 0.2.1 0.2.1.x
roundcube / webmail 0.3-stable 0.3-stable.x