Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/koorchik/dissert
- https://github.com/koorchik/llm-analysis-of-text-data
- https://github.com/pentesttoolscom/roundcube-cve-2021-44026
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/skyllpro/CVE-2021-44026-PoC