oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: roundcube: XSS vulnerability in mail content page

From: cve-assign () mitre org
Date: Thu, 26 May 2016 14:18:56 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Fix XSS issue in href attribute on area tag (#5240)
https://github.com/roundcube/roundcubemail/issues/5240
https://github.com/roundcube/roundcubemail/pull/5241

<img src=# usemap=#foo width=100%><map name="foo"><area href=[XSS] shape=default>


Use CVE-2016-5103.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXRzsvAAoJEHb/MwWLVhi2KlcQAK5YCa0J9EAyeVL8wtTL5fQd
ZULIXbjQ5jFSR/FP0zh7BFtpWPZCcfEsUcuxW2fC76NStQyeypLMBbGo+z0GMe0v
O0QmN1Jdk7DqpPo/g3nfX8v5S0XJdUNEXOXIgfB6RXGYLP6+j9uX5ZOgVIjFvXSi
XSrzh2YcDfuytqxZoUJkpgtfz8OGaSoJWRdC6MoF2ytmuZ9suB7OowKQyNRLszO+
dGeEh7T+MxepmDGTF3AQ0ssm7g7wEyC6ojBqsMdmZCVFbR84brDB8wc4ZWQYkI3e
ap0e/7dHyfzAzV3GN6BYvaz0rr/Wci8URQV+bRkObpRj8cKqAs/m2eaXOONxgCzn
Lw6WS4pVdgIFemvKV+Du/hewUHgo60g7dKQ1cw13UVO+VcQNv50wBpoc+W0KLR1r
hYAwEjN3V+pNvQZ+zNsO7IG2cVzGFWSBH3/amK9bAC3PZXRyY4bAbhF0GTEidgV5
f/qH8O4Y7TLHXunDwSStPtPpS94G6mHsOKaeHYdWODSs+2alJn+1MioLcAFdYq7G
sQ8QI4GoCN0JzVYMPMfTklByAtIrxG9cbpLa/X+/xSsbbXlIk+BJbGTD0Uz8iK4R
84J05w1ErGlJ0lphq5VfZbRIeM2wpLiVh58XAmiu7fh4+Z+JJpVR9ZzAdbS7TTj+
pkXD/GkrGu3Omjv8JSVl
=HbY0
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: