CVE-2020-35730
Vulnerability from cvelistv5
Published
2020-12-28 19:37
Modified
2025-02-04 20:24
Summary
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2023-06-22
Due date: 2023-07-13
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://roundcube.net/news/2020/12/27/security-updates-1.4.10-1.3.16-and-1.2.13; https://nvd.nist.gov/vuln/detail/CVE-2020-35730
opensuse-su-2021:1014-1
Vulnerability from csaf_opensuse
Published
2021-07-09 12:07
Modified
2021-07-09 12:07
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patchnames
openSUSE-2021-1014
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3.\n\nIt fixes a recently reported stored cross-site scripting (XSS)\nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-1014", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1014-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:1014-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XDARRLWABODNP6ABT3DQ34TPYSH3ROH5/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:1014-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XDARRLWABODNP6ABT3DQ34TPYSH3ROH5/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-07-09T12:07:08Z", generator: { date: "2021-07-09T12:07:08Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:1014-1", initial_release_date: "2021-07-09T12:07:08Z", revision_history: [ { date: "2021-07-09T12:07:08Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-bp152.4.18.1.noarch", product: { name: "roundcubemail-1.3.16-bp152.4.18.1.noarch", product_id: "roundcubemail-1.3.16-bp152.4.18.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP2", product: { name: "SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], 
relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-bp152.4.18.1.noarch as component of SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", }, product_reference: "roundcubemail-1.3.16-bp152.4.18.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-09T12:07:08Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", }, ], 
product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-09T12:07:08Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.18.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-09T12:07:08Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
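The CVE description above names the weak spot: JavaScript carried in a plain-text link reference that ends up inside generated HTML. What follows is an added illustration of that bug class in Python; it is not Roundcube's rcube_string_replacer code and not the reported payload. The "[n] URL" reference syntax, the sample messages and the function names are constructed for the example. It places a converter that pastes the URL into an href attribute unescaped beside one that escapes for the attribute context and refuses anything but http, https and mailto, and adds a small check that flags attribute breakout in rendered output.

```python
import html
import re
from urllib.parse import urlsplit

# Constructed sample messages (not the real CVE-2020-35730 payload).  Plain-text
# mail often carries "link references": the body cites [1] and a line near the
# end spells out "[1] <url>".  A webmail client that turns these into <a> tags
# is doing plain-text-to-HTML conversion, so every byte it copies from the
# message into markup must be escaped for the context it lands in.
SAMPLE_BENIGN = "Release notes are at [1].\n\n[1] https://roundcube.net/news/"
SAMPLE_HOSTILE = 'Release notes are at [1].\n\n[1] https://x.example/" onmouseover="alert(1)'
SAMPLE_SCHEME = "Click [1].\n\n[1] javascript:alert(document.cookie)"

# "[n] url" on a line of its own; the URL is whatever follows the index.
LINKREF_RE = re.compile(r"^\[(\d+)\][ \t]+(.+)$", re.MULTILINE)
ALLOWED_SCHEMES = {"http", "https", "mailto"}


def render_unsafe(text):
    """Toy converter with the classic mistake: the URL goes into href
    unescaped, so a double quote inside it closes the attribute and whatever
    follows becomes new attributes (here an event handler).  The text around
    the references is not escaped either."""
    def repl(m):
        idx, url = m.group(1), m.group(2)
        return '[%s] <a href="%s">%s</a>' % (idx, url, url)
    return LINKREF_RE.sub(repl, text)


def safe_link(url):
    """Return an <a> tag for url, or None if the line must stay plain text."""
    if urlsplit(url).scheme.lower() not in ALLOWED_SCHEMES:
        return None
    esc = html.escape(url, quote=True)   # quote=True escapes " and ' as well
    return '<a href="%s" rel="noopener noreferrer">%s</a>' % (esc, esc)


def render_safe(text):
    """Escape every text segment for HTML and emit <a> only for vetted URLs."""
    out, pos = [], 0
    for m in LINKREF_RE.finditer(text):
        out.append(html.escape(text[pos:m.start()]))
        link = safe_link(m.group(2))
        if link is None:
            out.append(html.escape(m.group(0)))      # keep the whole line as text
        else:
            out.append("[%s] %s" % (m.group(1), link))
        pos = m.end()
    out.append(html.escape(text[pos:]))
    return "".join(out)


def has_attribute_breakout(rendered):
    """Detection check over rendered HTML: an <a> tag carrying any attribute
    other than href/rel means message-controlled data escaped the href value."""
    for tag in re.findall(r"<a\s([^>]*)>", rendered):
        names = re.findall(r'([\w-]+)\s*=\s*"', tag)
        if any(n.lower() not in ("href", "rel") for n in names):
            return True
    return False


if __name__ == "__main__":
    print("unsafe :", render_unsafe(SAMPLE_HOSTILE))
    print("safe   :", render_safe(SAMPLE_HOSTILE))
    print("breakout in unsafe:", has_attribute_breakout(render_unsafe(SAMPLE_HOSTILE)))
    print("breakout in safe  :", has_attribute_breakout(render_safe(SAMPLE_HOSTILE)))
```

The scheme allow-list matters as much as the escaping: a correctly quoted href="javascript:..." is still script execution on click, which attribute escaping alone does not prevent.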
opensuse-su-2021:0943-1
Vulnerability from csaf_opensuse
Published
2021-06-29 16:07
Modified
2021-06-29 16:07
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
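For triage against this advisory there are two separate questions: is the installed build older than the fixed package the advisory names (roundcubemail-1.3.16-bp151.4.6.1.noarch for SUSE Package Hub 15 SP1 in this notice), and which upstream branch ranges from the CVE-2020-35730 text apply to a given Roundcube version. The Python below is an added example, not part of the SUSE advisory or the Roundcube project. It implements RPM's version comparison (the rpmvercmp algorithm, tilde handled, caret not) over NVRA strings and encodes the three fixed versions from the CVE description; the older build name used in the check is constructed.

```python
import re

# Fixed upstream versions stated in the CVE-2020-35730 description on this page:
# "before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10".
FIXED_35730 = {(1, 2): (1, 2, 13), (1, 3): (1, 3, 16), (1, 4): (1, 4, 10)}

# Fixed package named by this advisory for SUSE Package Hub 15 SP1.
FIXED_NVRA = "roundcubemail-1.3.16-bp151.4.6.1.noarch"


def rpmvercmp(a, b):
    """RPM's version/release comparison (librpm rpmvercmp): alternating alpha
    and numeric segments, separators ignored, numeric beats alpha, '~' sorts
    before anything including end of string.  '^' is not handled here.
    Returns -1, 0 or 1."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not a[i].isalnum() and a[i] != "~":
            i += 1
        while j < len(b) and not b[j].isalnum() and b[j] != "~":
            j += 1
        a_tilde = i < len(a) and a[i] == "~"
        b_tilde = j < len(b) and b[j] == "~"
        if a_tilde or b_tilde:
            if not a_tilde:
                return 1
            if not b_tilde:
                return -1
            i += 1
            j += 1
            continue
        if i >= len(a) or j >= len(b):
            break
        isnum = a[i].isdigit()
        x, y = i, j
        if isnum:
            while x < len(a) and a[x].isdigit():
                x += 1
            while y < len(b) and b[y].isdigit():
                y += 1
        else:
            while x < len(a) and a[x].isalpha():
                x += 1
            while y < len(b) and b[y].isalpha():
                y += 1
        seg_a, seg_b = a[i:x], b[j:y]
        if not seg_b:                      # segment types differ: numeric is newer
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
        i, j = x, y
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1      # whichever still has segments is newer


def split_nvra(pkg):
    """'roundcubemail-1.3.16-bp151.4.6.1.noarch' -> (name, version, release, arch)."""
    nvr, arch = pkg.rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release, arch


def needs_update(installed, fixed=FIXED_NVRA):
    """True if the installed build sorts below the advisory's fixed build
    (version first, then release), i.e. 'zypper patch' still has work to do."""
    n1, v1, r1, _ = split_nvra(installed)
    n2, v2, r2, _ = split_nvra(fixed)
    if n1 != n2:
        raise ValueError("package name mismatch: %s vs %s" % (n1, n2))
    c = rpmvercmp(v1, v2)
    if c == 0:
        c = rpmvercmp(r1, r2)
    return c < 0


def affected_by_35730(upstream_version):
    """Apply the branch ranges from the CVE text to an upstream x.y.z string."""
    v = tuple(int(p) for p in upstream_version.split("."))
    fixed = FIXED_35730.get(v[:2])
    if fixed is not None:
        return v < fixed
    return v < (1, 2, 13)   # older lines are all "before 1.2.13"; 1.5+ is not listed


if __name__ == "__main__":
    # Constructed older build name, to show the comparison; take the real
    # value from `rpm -q roundcubemail` on the host being checked.
    print(needs_update("roundcubemail-1.3.15-bp151.4.3.1.noarch"))
    print(affected_by_35730("1.3.15"), affected_by_35730("1.3.16"))
```

Two caveats for using this on a SUSE host: distribution packages can carry a backported fix without changing the upstream version, so the advisory's fixed build, not the upstream range, is the authoritative answer for a packaged install; and the two installer issues (CVE-2020-18670, CVE-2020-18671) are reachable only where the /installer/ directory is still served, which a production Roundcube should not do.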
Patchnames
openSUSE-2021-943
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3. \n\nIt fixes a recently reported stored cross-site scripting (XSS) \nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-943", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0943-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0943-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5ELZ4EA3I6BCVA2NQEVPSEZ2M3Y5ASM3/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0943-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5ELZ4EA3I6BCVA2NQEVPSEZ2M3Y5ASM3/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-06-29T16:07:17Z", generator: { date: "2021-06-29T16:07:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0943-1", initial_release_date: "2021-06-29T16:07:17Z", revision_history: [ { date: "2021-06-29T16:07:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-bp151.4.6.1.noarch", product: { name: "roundcubemail-1.3.16-bp151.4.6.1.noarch", product_id: "roundcubemail-1.3.16-bp151.4.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP1", product: { name: "SUSE Package Hub 15 SP1", product_id: "SUSE Package Hub 15 SP1", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], 
relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-bp151.4.6.1.noarch as component of SUSE Package Hub 15 SP1", product_id: "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", }, product_reference: "roundcubemail-1.3.16-bp151.4.6.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T16:07:17Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", }, ], 
product_status: { recommended: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T16:07:17Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP1:roundcubemail-1.3.16-bp151.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T16:07:17Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2022:10148-1
Vulnerability from csaf_opensuse
Published
2022-10-16 19:12
Modified
2022-10-16 19:12
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
roundcubemail was updated to 1.5.3
* Enigma: Fix initial synchronization of private keys
* Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)
* Fix various PHP8 warnings (#8392)
* Fix mail headers injection via the subject field on mail compose (#8404)
* Fix bug where small message/rfc822 parts could not be decoded (#8408)
* Fix setting HTML mode on reply/forward of a signed message (#8405)
* Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418)
* Fix bug where some mail parts (images) could have not be listed as attachments (#8425)
* Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433)
* Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458)
* Fix bug where session could time out if DB and PHP timezone were different (#8303)
* Fix bug where DSN flag state wasn't stored with a draft (#8371)
* Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444)
* Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517)
* Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540)
* Fix support for DSN specification without host e.g. pgsql:///dbname (#8558)
update to 1.5.2
* OAuth: pass 'id_token' to 'oauth_login' plugin hook (#8214)
* OAuth: fix expiration of short-lived oauth tokens (#8147)
* OAuth: fix relative path to assets if /index.php/foo/bar url is used (#8144)
* OAuth: no auto-redirect on imap login failures (#8370)
* OAuth: refresh access token in 'refresh' plugin hook (#8224)
* Fix so folder search parameters are honored by subscriptions_option plugin (#8312)
* Fix password change with Directadmin driver (#8322, #8329)
* Fix so css files in plugins/jqueryui/themes will be minified too (#8337)
* Fix handling of unicode/special characters in custom From input (#8357)
* Fix some PHP8 compatibility issues (#8363)
* Fix chpass-wrapper.py helper compatibility with Python 3 (#8324)
* Fix scrolling and missing Close button in the Select image dialog in Elastic/mobile (#8367)
* Security: fix cross-site scripting (XSS) via HTML messages with malicious CSS content
- added Suggests: php-sqlite
- use the virtual provides from each PHP module, to allow the installation
of roundcubemail with various PHP versions.
The only problem we are currently facing is the automatic
enablement of the PHP apache module during post-installation:
trying to evaluate the correct PHP module now during post as well,
which should eliminate the pre-definition of the required
PHP version during build completely.
See https://build.opensuse.org/request/show/940859 for the initial
discussion.
update to 1.5.1
* Fix importing contacts with no email address (#8227)
* Fix so session's search scope is not used if search is not active (#8199)
* Fix some PHP8 warnings (#8239)
* Fix so dark mode state is retained after closing the browser (#8237)
* Fix bug where new messages were not added to the list on refresh if skip_deleted=true (#8234)
* Fix colors on 'Show source' page in dark mode (#8246)
* Fix handling of dark_mode_support:false setting in skins meta.json - also when devel_mode=false (#8249)
* Fix database initialization if db_prefix is a schema prefix (#8221)
* Fix undefined constant error in Installer on Windows (#8258)
* Fix installation/upgrade on MySQL 5.5 - Index column size too large (#8231)
* Fix regression in setting of contact listing name (#8260)
* Fix bug in Larry skin where headers toggle state was reset on full page preview (#8203)
* Fix bug where \u200b characters were added into the recipient input preventing mail delivery (#8269)
* Fix charset conversion errors on PHP < 8 for charsets not supported by mbstring (#8252)
* Fix bug where adding a contact to trusted senders via 'Always allow from...' button didn't work (#8264, #8268)
* Fix bug with show_images setting where option 1 and 3 were swapped (#8268)
* Fix PHP fatal error on an undefined constant in contacts import action (#8277)
* Fix fetching headers of multiple message parts at once in rcube_imap_generic::fetchMIMEHeaders() (#8282)
* Fix bug where attachment download could sometimes fail with a CSRF check error (#8283)
* Fix an infinite loop when parsing environment variables with float/integer values (#8293)
* Fix so 'small-dark' logo has more priority than the 'small' logo (#8298)
update to 1.5.0
+ full PHP8 support
+ Dark mode for Elastic skin
+ OAuth2/XOauth support (with plugin hooks)
+ Collected recipients and trusted senders
+ Moving recipients between inputs with drag & drop
+ Full unicode support with MySQL database
+ Support of IMAP LITERAL- extension RFC 7888 <https://datatracker.ietf.org/doc/html/rfc7888>
+ Support of RFC 2231 <https://datatracker.ietf.org/doc/html/rfc2231> encoded names
+ Cache refactoring. More at https://github.com/roundcube/roundcubemail/releases/tag/1.5.0
+ added SECURITY.md to documentation
+ mark the whole documentation directory as documentation instead of listing some files and others not (avoid duplicate entries in RPM-DB)
+ adjust requirements: php-intl is now required
update to 1.4.11 with security fix:
- Fix cross-site scripting (XSS) via HTML messages with malicious CSS content
- add PHP version to Requires: and Recommends: to make sure the same
version is installed as used during packaging
- drop Requires: http_daemon (fixes boo#1180132) and Suggests: apache2
(which is already required though mod_php_any)
update to 1.4.10:
* Stored cross-site scripting (XSS) via HTML or plain text messages
with malicious content (CVE-2020-35730, boo#1180399)
* Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655)
* Fix folder list issue when special folder is a subfolder (#7647)
* Fix Elastic's folder subscription toggle in search result (#7653)
* Fix state of subscription toggle on folders list after changing
folder state from the search result (#7653)
* Security: Fix cross-site scripting (XSS) via HTML or plain text
messages with malicious content
update to 1.4.9:
* Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11 (#7615)
* Add missing localization for some label/legend elements in userinfo plugin (#7478)
* Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)
* Fix restoring Cc/Bcc fields from local storage (#7554)
* Fix jstz.min.js installation, bump version to 1.0.7
* Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)
* Fix link to closure compiler in bin/jsshrink.sh script (#7567)
* Fix bug where some parts of a message could have been missing in a reply/forward body (#7568)
* Fix empty space on mail printouts in Chrome (#7604)
* Fix empty output from HTML5 parser when content contains XML tag (#7624)
* Fix scroll jump on key press in plain text mode of the HTML editor (#7622)
* Fix so autocompletion list does not hide on scroll inside it (#7592)
update to 1.4.8 with security fixes:
* Fix cross-site scripting (XSS) via HTML messages with malicious svg content (CVE-2020-16145)
* Fix cross-site scripting (XSS) via HTML messages with malicious math content
update to 1.4.7 with security fix:
* Fix bug where subfolders of special folders could have been duplicated on folder list
* Increase maximum size of contact jobtitle and department fields to 128 characters
* Fix missing newline after the logged line when writing to stdout (#7418)
* Elastic: Fix context menu (paste) on the recipient input (#7431)
* Fix problem with forwarding inline images attached to messages with no HTML part (#7414)
* Fix problem with handling attached images with same name when using
database_attachments/redundant_attachments (#7455)
- add http.inc file
* include one file for php5/php7 admin flags/values
update to 1.4.5
Security fixes
* Fix XSS issue in template object 'username' (#7406)
* Fix cross-site scripting (XSS) via malicious XML attachment
* Fix a couple of XSS issues in Installer (#7406)
* Better fix for CVE-2020-12641
Other changes
* Fix bug in extracting required plugins from composer.json that led
to spurious error in log (#7364)
* Fix so the database setup description is compatible with MySQL 8 (#7340)
* Markasjunk: Fix regression in jsevent driver (#7361)
* Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
* Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
* Password: Fix issue with Modoboa driver (#7372)
* Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
* Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
* Fix PHP warning: count(): Parameter must be an array or an object...
in ID command handler (#7392)
* Fix error when user-configured skin does not exist anymore (#7271)
* Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
* Fix bug where PDF attachments marked as inline could have not been
attached on mail forward (#7382)
* Security: Fix a couple of XSS issues in Installer (#7406)
* Security: Better fix for CVE-2020-12641
update to 1.4.4
* Fix bug where attachments with Content-Id were attached to the message on reply (#7122)
* Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211)
* Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230)
* Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231)
* Elastic: Fix color of a folder with recent messages (#7281)
* Elastic: Restrict logo size in print view (#7275)
* Fix invalid Content-Type for messages with only html part and inline images, via Mail_Mime-1.10.7 (#7261)
* Fix missing contact display name in QR Code data (#7257)
* Fix so button label in Select image/media dialogs is 'Close' not 'Cancel' (#7246)
* Fix regression in testing database schema on MSSQL (#7227)
* Fix cursor position after inserting a group to a recipient input using autocompletion (#7267)
* Fix string literals handling in IMAP STATUS (and various other) responses (#7290)
* Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293)
* Fix handling keyservers configured with protocol prefix (#7295)
* Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189)
* Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206)
* Fix so imap error message is displayed to the user on folder create/update (#7245)
* Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147)
* Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312)
* Fix characters encoding in group rename input after group creation/rename (#7330)
* Fix bug where some message/rfc822 parts could not be attached on forward (#7323)
* Make install-jsdeps.sh script working without the 'file' program installed (#7325)
* Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331)
* Fix so Print button for PDF attachments works on Firefox >= 75 (#5125)
update to 1.4.3
* Enigma: Fix so key list selection is reset when opening key creation form (#7154)
* Enigma: Fix so using list checkbox selection does not load the key preview frame
* Enigma: Fix generation of key pairs for identities with IDN domains (#7181)
* Enigma: Display IDN domains of key users and identities in UTF8
* Enigma: Fix bug where 'Send unencrypted' button didn't work in Elastic skin (#7205)
* Managesieve: Fix bug where it wasn't possible to save flag actions (#7188)
* Markasjunk: Fix bug where marking as spam/ham didn't work on moving messages with drag-and-drop (#7137)
* Password: Make chpass-wrapper.py Python 3 compatible (#7135)
* Elastic: Fix disappearing sidebar in mail compose after clicking Mail button
* Elastic: Fix incorrect aria-disabled attribute on Mail taskmenu button in mail compose
* Elastic: Fix bug where it was possible to switch editor mode when 'htmleditor' was in 'dont_override' (#7143)
* Elastic: Fix text selection in recipient inputs (#7129)
* Elastic: Fix missing Close button in 'more recipients' dialog
* Elastic: Fix non-working folder subscription checkbox for newly added folders (#7174)
* Fix regression where 'Open in new window' action didn't work (#7155)
* Fix PHP Warning: array_filter() expects parameter 1 to be array, null given in subscriptions_option plugin (#7165)
* Fix unexpected error message when mail refresh involves folder auto-unsubscribe (#6923)
* Fix recipient duplicates in print-view when the recipient list has been expanded (#7169)
* Fix bug where files in skins/ directory were listed on skins list (#7180)
* Fix bug where message parts with no Content-Disposition header and no name were not listed on attachments list (#7117)
* Fix display issues with mail subject that contains line-breaks (#7191)
* Fix invalid Content-Transfer-Encoding on multipart messages - Mail_Mime fix (#7170)
* Fix regression where using an absolute path to SQLite database file on Windows didn't work (#7196)
* Fix using unix:///path/to/socket.file in memcached driver (#7210)
- prefer brotli over gzip if brotli is available:
+ enable mod_brotli in roundcubemail-httpd.conf (after deflate)
+ enable brotli via a2enmod for new installations
update to 1.4.2:
* Plugin API: Make actionbefore, before, actionafter and after
events work with plugin actions (#7106)
* Managesieve: Replace 'Filter disabled' with 'Filter enabled' (#7028)
* Managesieve: Fix so modifier type select wasn't hidden after hiding
modifier select on header change
* Managesieve: Fix filter selection after removing a first filter (#7079)
* Markasjunk: Fix marking more than one message as spam/ham with
email_learn driver (#7121)
* Password: Fix kpasswd and smb drivers' double-escaping bug (#7092)
* Enigma: Add script to import keys from filesystem to the db
storage (for multihost)
* Installer: Fix DB Write test on SQLite database
('database is locked' error) (#7064)
* Installer: Fix so SQLite DSN with a relative path to the database
file works in Installer
* Elastic: Fix contrast of warning toasts (#7058)
* Elastic: Simple search in pretty selects (#7072)
* Elastic: Fix hidden list widget on mobile/tablet when selecting
folder while search menu is open (#7120)
* Fix so type attribute on script tags is not used on HTML5 pages (#6975)
* Fix unread count after purge on a folder that is not currently selected (#7051)
* Fix bug where Enter key didn't work on messages list in 'List' layout (#7052)
* Fix bug where deleting a saved search in addressbook caused
display issue on sources/groups list (#7061)
* Fix bug where a new saved search added after removing all searches
wasn't added to the list (#7061)
* Fix bug where a new contact group added after removing all groups
from addressbook wasn't added to the list
* Fix so install-jsdeps.sh removes Bootstrap's sourceMappingURL (#7035)
* Fix so use of Ctrl+A does not scroll the list (#7020)
* Fix/remove useless keyup event handler on username input in logon form (#6970)
* Fix bug where cancelling switching from HTML to plain text didn't
set the flag properly (#7077)
* Fix bug where HTML reply could add an empty line with extra indentation
above the original message (#7088)
* Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)
* Fix so displayed maximum attachment size depends also on 'max_message_size' (#7105)
* Fix bug where 'skins_allowed' option didn't enforce user skin
preference (#7080)
* Fix so contact's organization field accepts up to 128 characters
(it was 50)
* Fix bug where listing tables in PostgreSQL database with db_prefix
didn't work (#7093)
* Fix bug where 'text' attribute on body tag was ignored when
displaying HTML message (#7109)
* Fix bug where next message wasn't displayed after delete in List mode (#7096)
* Fix so number of contacts in a group is not limited to 200 when
redirecting to mail composer from Contacts (#6972)
* Fix malformed characters in HTML message with charset meta tag
not in head (#7116)
- php documentor is not needed on a production system -> remove
- also fix /usr/bin/env calls for two vendor scripts
- skins now have some configurable files in their directories:
move those files over to /etc/roundcubemail/skins/
- move other text files (incl. vendor ones) out of the root
directory (and handle the LICENSE file a bit different)
- enable mod_filter and add AddOutputFilterByType for common media
types like html, javascript or xml
- enable php7 on newer openSUSE versions
- enable deflate, expires, filter, headers and setenvif on a new
installation - do not enable any module in case of an update
- recommend php-imagick for additional features
- fixed most of the shell scripts to contain /usr/bin/php
Upgrade to version 1.4.1:
* new defaults for smtp_* config options
* changed default password_charset to UTF-8
* login page returning 401 Unauthorized status
Upgrade to version 1.4.0:
* Update to jQuery 3.4.1
* Update to TinyMCE 4.8.2
* Update to jQuery-MiniColors 2.3.4
* Clarified 'address_book_type' option behavior (#6680)
* Added cookie mismatch detection, display an error message informing the user to clear cookies
* Renamed 'log_session' option to 'session_debug'
* Removed 'delete_always' option (#6782)
* Don't log full session identifiers in userlogins log (#6625)
* Support $HasAttachment/$HasNoAttachment keywords (#6201)
* Support PECL memcached extension as a session and cache storage driver (experimental)
* Switch to IDNA2008 variant (#6806)
* installto.sh: Add possibility to run the update even on the up-to-date installation (#6533)
* Plugin API: Add 'render_folder_selector' hook
* Added 'keyservers' option to define list of HKP servers for Enigma/Mailvelope (#6326)
* Added flag to disable server certificate validation via Mysql DSN argument (#6848)
* Select all records on the current list page with CTRL + A (#6813)
* Use Left/Right Arrow keys to faster move over threaded messages list (#6399)
* Changes in display_next setting (#6795):
  - Move it to Preferences > User Interface > Main Options
  - Make it apply to Contacts interface too
  - Make it apply only if deleting/moving a previewed message/contact
* Redis: Support connection to unix socket
* Put charset meta specification before a title tag, add page title automatically (#6811)
* Elastic: Various internal refactorings
* Elastic: Add Prev/Next buttons on message page toolbar (#6648)
* Elastic: Close search options on Enter key press in quick-search input (#6660)
* Elastic: Changed some icons (#6852)
* Elastic: Changed read/unread icons (#6636)
* Elastic: Changed 'Move to...' icon (#6637)
* Elastic: Add hide/show for advanced preferences (#6632)
* Elastic: Add default icon on Settings/Preferences lists for external plugins (#6814)
* Elastic: Add indicator for popover menu items that open a submenu (#6868)
* Elastic: Move compose attachments/options to the right side (#6839)
* Elastic: Add border/background to attachments list widget (#6842)
* Elastic: Add 'Show unread messages' button to the search bar (#6587)
* Elastic: Fix bug where toolbar disappears on attachment menu use in Chrome (#6677)
* Elastic: Fix folders list scrolling on touch devices (#6706)
* Elastic: Fix non-working pretty selects in Chrome browser (#6705)
* Elastic: Fix issue with absolute positioned mail content (#6739)
* Elastic: Fix bug where some menu actions could cause a browser popup warning
* Elastic: Fix handling mailto: URL parameters in contact menu (#6751)
* Elastic: Fix keyboard navigation in some menus, e.g. the contact menu
* Elastic: Fix visual issue with long buttons in .boxwarning (#6797)
* Elastic: Fix handling new-line in text pasted to a recipient input
* Elastic: Fix so search is not reset when returning from the message preview page (#6847)
* Larry: Fix regression where menu actions didn't work with keyboard (#6740)
* ACL: Display user/group names (from ldap) instead of acl identifier
* Password: Added ldap_exop driver (#4992)
* Password: Added support for SSHA512 password algorithm (#6805)
* Managesieve: Fix bug where global includes were requested for vacation (#6716)
* Managesieve: Use RFC-compliant line endings, CRLF instead of LF (#6686)
* Managesieve: Fix so 'Create filter' option does not show up when Filters menu is disabled (#6723)
* Enigma: For verified signatures, display the user id associated with the sender address (#5958)
* Enigma: Fix bug where revoked users/keys were not greyed out in key info
* Enigma: Fix error message when trying to encrypt with a revoked key (#6607)
* Enigma: Fix 'decryption oracle' bug [CVE-2019-10740] (#6638)
* Enigma: Fix bug where signature verification could have been skipped for some message structures (#6838)
* Fix language selection for spellchecker in html mode (#6915)
* Fix css styles leak from replied/forwarded message to the rest of the composed text (#6831)
* Fix invalid path to 'add contact' icon when using assets_path setting
* Fix invalid path to blocked.gif when using assets_path setting (#6752)
* Fix so advanced search dialog is not automatically displayed on searchonly addressbooks (#6679)
* Fix so an error is logged when more than one attachment plugin has been enabled, initialize the first one (#6735)
* Fix bug where flag change could have been passed to a preview frame when not expected
* Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag (#6713)
* Fix bug where HTML messages with a xml:namespace tag were not rendered (#6697)
* Fix TinyMCE download location (#6694)
* Fix so 'Open in new window' consistently displays 'external window' interface (#6659)
* Fix bug where next row wasn't selected after deleting a collapsed thread (#6655)
* Fix bug where external content (e.g. mail body) was passed to templates parsing code (#6640)
* Fix bug where attachment preview didn't work with x_frame_options=deny (#6688)
* Fix so bin/install-jsdeps.sh returns error code on error (#6704)
* Fix bug where bmp images couldn't be displayed on some systems (#6728)
* Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)
* Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (#6758)
* Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)
* Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793)
* Fix bug where selection of columns on messages list wasn't working
* Fix bug in converting multi-page Tiff images to Jpeg (#6824)
* Fix bug where handling multiple messages from multi-folder search result could not work (#6845)
* Fix bug where unread count wasn't updated after moving multi-folder result (#6846)
* Fix wrong messages order after returning to a multi-folder search result (#6836)
* Fix some PHP 7.4 compat. issues (#6884, #6866)
* Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)
* Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)
* Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)
* Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)
* Changed 'password_charset' default to 'UTF-8' (#6522)
* Add skins_allowed option (#6483)
* SMTP GSSAPI support via krb_authentication plugin (#6417)
* Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385)
* Removed 'referer_check' option (#6440)
* Use constant prefix for temp file names, don't remove temp files from other apps (#6511)
* Ignore 'Sender' header on Reply-All action (#6506)
* deluser.sh: Add option to delete users who have not logged in for more than X days (#6340)
* HTML5 Upload Progress - as a replacement for the old server-side solution (#6177)
* Prevent from using deprecated timezone names from jsTimezoneDetect
* Force session.gc_probability=1 when using custom session handlers (#6560)
* Support simple field labels (e.g. LetterHub examples) in csv imports (#6541)
* Add cache busters also to images used by templates (#6610)
* Plugin API: Added 'raise_error' hook (#6199)
* Plugin API: Added 'common_headers' hook (#6385)
* Plugin API: Added 'ldap_connected' hook
* Enigma: Update to OpenPGPjs 4.2.1 - fixes user name encoding issues in key generation (#6524)
* Enigma: Fixed multi-host synchronization of private and deleted keys and pubring.kbx file
* Managesieve: Added support for 'editheader' extension - RFC5293 (#5954)
* Managesieve: Fix bug where custom header or variable could be lost on form submission (#6594)
* Markasjunk: Integrate markasjunk2 features into markasjunk - marking as non-junk + learning engine (#6504)
* Password: Added 'modoboa' driver (#6361)
* Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436)
* Password: Fix bug where new users could skip forced password change (#6434)
* Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473)
* Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246)
* Password: Allow drivers to define password strength rules displayed to the user
* Password: Allow separate password saving and strength drivers for use of strength checking services (#5040)
* Password: Add zxcvbn driver for checking password strength (#6479)
* Password: Disallow control characters in passwords
* Password: Add support for Plesk >= 17.8 (#6526)
* Elastic: Improved datepicker displayed always in parent window
* Elastic: On touch devices display attachment icons on messages list (#6296)
* Elastic: Make menu button inactive if all subactions are inactive (#6444)
* Elastic: On mobile/tablet jump to the list on folder selection (#6415)
* Elastic: Various improvements on mail compose screen (#6413)
* Elastic: Support new-line char as a separator for pasted recipients (#6460)
* Elastic: Improved UX of search dialogs (#6416)
* Elastic: Fix unwanted thread expanding when selecting a collapsed thread in non-mobile mode (#6445)
* Elastic: Fix too small height of mailvelope mail preview frame (#6600)
* Elastic: Add 'status bar' for mobile in mail composer
* Elastic: Add selection options on contacts list (#6595)
* Elastic: Fix unintentional layout preference overwrite (#6613)
* Elastic: Fix bug where Enigma options in mail compose could sometimes be ignored (#6515)
* Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433)
* Fix regression where drafts were not deleted after sending the message (#6756)
* Fix so max_message_size limit is checked also when forwarding messages as attachments (#6580)
* Fix so performance stats are logged to the main console log also when per_user_logging=true
* Fix malformed message saved into Sent folder when using big attachments and low memory limit (#6498)
* Fix incorrect IMAP SASL GSSAPI negotiation (#6308)
* Fix so unicode in local part of the email address is also supported in recipient inputs (#6490)
* Fix bug where autocomplete list could be displayed out of screen (#6469)
* Fix style/navigation on error page depending on authentication state (#6362)
* Fix so invalid smtp_helo_host is never used, fallback to localhost (#6408)
* Fix custom logo size in Elastic (#6424)
* Fix listing the same attachment multiple times on forwarded messages
* Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494)
* Fix inconsistent offset for various time zones - always display Standard Time offset (#6531)
* Fix dummy Message-Id when resuming a draft without Message-Id header (#6548)
* Fix handling of empty entries in vCard import (#6564)
* Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)
* Fix PHP 7.2 compatibility in debug_logger plugin (#6586)
* Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)
* Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)
* Fix missing CSRF token on a link to download too-big message part (#6621)
* Fix bug when aborting dragging with ESC key didn't stop the move action (#6623)
* Improved Mailvelope integration
* * Added private key listing and generating to identity settings
* * Enable encrypt & sign option if Mailvelope supports it
* Allow contacts without an email address (#5079)
* Support SMTPUTF8 and relax email address validation to support unicode in local part (#5120)
* Support for IMAP folders that cannot contain both folders and messages (#5057)
* Remove sample PHP configuration from .htaccess and .user.ini files (#5850)
* Extend skin_logo setting to allow per skin logos (#6272)
* Use Masterminds/HTML5 parser for better HTML5 support (#5761)
* Add More actions button in Contacts toolbar with Copy/Move actions (#6081)
* Display an error when clicking disabled link to register protocol handler (#6079)
* Add option trusted_host_patterns (#6009, #5752)
* Support additional connect parameters in PostgreSQL database wrapper
* Use UI dialogs instead of confirm() and alert() where possible
* Display value of the SMTP message size limit in the error message (#6032)
* Show message flagged status in message view (#5080)
* Skip redundant INSERT query on successful logon when using PHP7
* Replace display_version with display_product_version (#5904)
* Extend disabled_actions config so it accepts also button names (#5903)
* Handle remote stylesheets the same as remote images, ask the user to allow them (#5994)
* Add Message-ID to the sendmail log (#5871)
* Add option to hide folders in share/other-user namespace or outside of the personal namespace root (#5073)
* Archive: Fix archiving by sender address on cyrus-imap
* Archive: Style Archive folder also on folder selector and folder manager lists
* Archive: Add Thunderbird compatible Month option (#5623)
* Archive: Create archive folder automatically if it's configured, but does not exist (#6076)
* Enigma: Add button to send mail unencrypted if no key was found (#5913)
* Enigma: Add options to set PGP cipher/digest algorithms (#5645)
* Enigma: Multi-host support
* Managesieve: Add ability to disable filter sets and other actions (#5496, #5898)
* Managesieve: Add option managesieve_forward to enable settings dialog for simple forwarding (#6021)
* Managesieve: Support filter action with custom IMAP flags (#6011)
* Managesieve: Support 'mime' extension tests - RFC5703 (#5832)
* Managesieve: Support GSSAPI authentication with krb_authentication plugin (#5779)
* Managesieve: Support enabling the plugin for specified hosts only (#6292)
* Password: Support host variables in password_db_dsn option (#5955)
* Password: Automatic virtualmin domain setting, removed password_virtualmin_format option (#5759)
* Password: Added password_username_format option (#5766)
* subscriptions_option: show \Noselect folders greyed out (#5621)
* zipdownload: Added option to define size limit for multiple messages download (#5696)
* vcard_attachments: Add possibility to send contact vCard from Contacts toolbar (#6080)
* Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587)
* Composer: Fix certificate validation errors by using packagist only (#5148)
* Add --get and --extract arguments and CACHEDIR env-variable support to install-jsdeps.sh (#5882)
* Support _filter and _scope as GET arguments for opening mail UI (#5825)
* Various improvements for templating engine and skin behaviours
* * Support conditional include
* * Support for 'link' objects
* * Support including files with path relative to templates directory
* * Use instead of for submit button on logon screen
* Support skin localization (#5853)
* Reset onerror on images if placeholder does not exist to prevent from requests storm
* Unified and simplified code for loading content frame for responses and identities
* Display contact import and advanced search in popup dialogs
* Display a dialog for mail import with supported format description and upload size hint
* Make possible to set (some) config options from a skin
* Added optional checkbox selection for the list widget
* Make 'compose' command always enabled
* Add .log suffix to all log file names, add option log_file_ext to control this (#313)
* Return '401 Unauthorized' status when login fails (#5663)
* Support both comma and semicolon as recipient separator, drop recipients_separator option (#5092)
* Plugin API: Added 'show_bytes' hook (#5001)
* Add option to not indent quoted text on top-posting reply (#5105)
* Removed global $CONFIG variable
* Removed debug_level setting
* Support AUTHENTICATE LOGIN for IMAP connections (#5563)
* Support LDAP GSSAPI authentication (#5703)
* Localized timezone selector (#4983)
* Use 7bit encoding for ISO-2022-* charsets in sent mail (#5640)
* Handle inline images also inside multipart/mixed messages (#5905)
* Allow style tags in HTML editor on composed/reply messages (#5751)
* Use Github API as a fallback to fetch js dependencies to workaround throttling issues (#6248)
* Show confirm dialog when moving folders using drag and drop (#6119)
* Fix bug where new_user_dialog email check could have been circumvented by deleting / abandoning session (#5929)
* Fix skin extending for assets (#5115)
* Fix handling of forwarded messages inside of a TNEF message (#5632)
* Fix bug where attachment size wasn't visible when the filename was too long (#6033)
* Fix checking table columns when there's more schemas/databases in postgres/mysql (#6047)
* Fix css conflicts in user interface and e-mail content (#5891)
* Fix duplicated signature when using Back button in Chrome (#5809)
* Fix touch event issue on messages list in IE/Edge (#5781)
* Fix so links over images are not removed in plain text signatures converted from HTML (#4473)
* Fix various issues when downloading files with names containing non-ascii chars, use RFC 2231 (#5772)
Upgrade to version 1.3.10:
* Enigma: Fix 'decryption oracle' bug [CVE-2019-10740] (#6638)
Upgrade to version 1.3.9:
* Fix TinyMCE download location(s) (#6694)
* Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)
Upgrade to version 1.3.8:
* Fix support for 'allow-from ' in x_frame_options config option (#6449)
- add files with .log entry to logrotate config
- enhance apache configuration by:
  + disable mbstring function overload (http://bugs.php.net/bug.php?id=30766)
  + do not allow to see README*, INSTALL, LICENSE or CHANGELOG files
  + set additional headers:
    + Content-Security-Policy: ask browsers to not set the referrer
    + Cache-Control: ask not to cache the content
    + Strict-Transport-Security: set HSTS rules for SSL traffic
    + X-XSS-Protection: configure built in reflective XSS protection
- adjust README.openSUSE:
  + db.inc.php is not used any longer
  + flush privileges after creating/changing users in mysql
Patchnames
openSUSE-2022-10148
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nroundcubemail was updated to 1.5.3\n\n* Enigma: Fix initial synchronization of private keys\n* Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)\n* Fix various PHP8 warnings (#8392)\n* Fix mail headers injection via the subject field on mail compose (#8404)\n* Fix bug where small message/rfc822 parts could not be decoded (#8408)\n* Fix setting HTML mode on reply/forward of a signed message (#8405)\n* Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418)\n* Fix bug where some mail parts (images) could have not be listed as attachments (#8425)\n* Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433)\n* Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458)\n* Fix bug where session could time out if DB and PHP timezone were different (#8303)\n* Fix bug where DSN flag state wasn't stored with a draft (#8371)\n* Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444)\n* Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517)\n* Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540)\n* Fix support for DSN specification without host e.g. 
pgsql:///dbname (#8558)\n\nupdate to 1.5.2\n\n* OAuth: pass 'id_token' to 'oauth_login' plugin hook (#8214)\n* OAuth: fix expiration of short-lived oauth tokens (#8147)\n* OAuth: fix relative path to assets if /index.php/foo/bar url is used (#8144)\n* OAuth: no auto-redirect on imap login failures (#8370)\n* OAuth: refresh access token in 'refresh' plugin hook (#8224)\n* Fix so folder search parameters are honored by subscriptions_option plugin (#8312)\n* Fix password change with Directadmin driver (#8322, #8329)\n* Fix so css files in plugins/jqueryui/themes will be minified too (#8337)\n* Fix handling of unicode/special characters in custom From input (#8357)\n* Fix some PHP8 compatibility issues (#8363)\n* Fix chpass-wrapper.py helper compatibility with Python 3 (#8324)\n* Fix scrolling and missing Close button in the Select image dialog in Elastic/mobile (#8367)\n* Security: fix cross-site scripting (XSS) via HTML messages with malicious CSS content\n\n- added Suggests: php-sqlite\n\n- use the virtual provides from each PHP module, to allow the installation\n of roundcubemail with various PHP versions. 
\n The only problem, we are currently facing is the automatic \n enablement of the PHP apache module during post-installation: \n Trying to evaluate the correct PHP module now during post as well, \n which should eleminate the pre-definition of the required \n PHP-Version during build completely.\n See https://build.opensuse.org/request/show/940859 for the initial\n discussion.\n\nupdate to 1.5.1\n\n* Fix importing contacts with no email address (#8227)\n* Fix so session's search scope is not used if search is not active (#8199)\n* Fix some PHP8 warnings (#8239)\n* Fix so dark mode state is retained after closing the browser (#8237)\n* Fix bug where new messages were not added to the list on refresh if skip_deleted=true (#8234)\n* Fix colors on 'Show source' page in dark mode (#8246)\n* Fix handling of dark_mode_support:false setting in skins meta.json - also when devel_mode=false (#8249)\n* Fix database initialization if db_prefix is a schema prefix (#8221)\n* Fix undefined constant error in Installer on Windows (#8258)\n* Fix installation/upgrade on MySQL 5.5 - Index column size too large (#8231)\n* Fix regression in setting of contact listing name (#8260)\n* Fix bug in Larry skin where headers toggle state was reset on full page preview (#8203)\n* Fix bug where \\u200b characters were added into the recipient input preventing mail delivery (#8269)\n* Fix charset conversion errors on PHP < 8 for charsets not supported by mbstring (#8252)\n* Fix bug where adding a contact to trusted senders via 'Always allow from...' 
button didn't work (#8264, #8268)\n* Fix bug with show_images setting where option 1 and 3 were swapped (#8268)\n* Fix PHP fatal error on an undefined constant in contacts import action (#8277)\n* Fix fetching headers of multiple message parts at once in rcube_imap_generic::fetchMIMEHeaders() (#8282)\n* Fix bug where attachment download could sometimes fail with a CSRF check error (#8283)\n* Fix an infinite loop when parsing environment variables with float/integer values (#8293)\n* Fix so 'small-dark' logo has more priority than the 'small' logo (#8298)\n\nupdate to 1.5.0\n\n+ full PHP8 support\n+ Dark mode for Elastic skin\n+ OAuth2/XOauth support (with plugin hooks)\n+ Collected recipients and trusted senders\n+ Moving recipients between inputs with drag & drop\n+ Full unicode support with MySQL database\n+ Support of IMAP LITERAL- extension RFC 7888 <https://datatracker.ietf.org/doc/html/rfc7888>\n+ Support of RFC 2231 <https://datatracker.ietf.org/doc/html/rfc2231> encoded names\n+ Cache refactoring More at https://github.com/roundcube/roundcubemail/releases/tag/1.5.0\n+ added SECURITY.md to documentation\n+ mark the whole documentation directory as documentation instead of listing some files and others not (avoid duplicate entries in RPM-DB)\n+ adjust requirements: php-intl is now required\n\nupdate to 1.4.11 with security fix:\n\n- Fix cross-site scripting (XSS) via HTML messages with malicious CSS content\n\n- add PHP version to Requires: and Recommends: to make sure the same\n version is installed as used during packaging\n- drop Requires: http_daemon (fixes boo#1180132) and Suggests: apache2\n (which is already required though mod_php_any)\n\nupdate to 1.4.10:\n\n* Stored cross-site scripting (XSS) via HTML or plain text messages \n with malicious content ( CVE-2020-35730 boo#1180399 )\n* Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655)\n* Fix folder list issue when special folder is a subfolder (#7647)\n* Fix Elastic's 
folder subscription toggle in search result (#7653)\n* Fix state of subscription toggle on folders list after changing \n folder state from the search result (#7653)\n* Security: Fix cross-site scripting (XSS) via HTML or plain text \n messages with malicious content\n\nupdate to 1.4.9:\n\n* Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11 (#7615)\n* Add missing localization for some label/legend elements in userinfo plugin (#7478)\n* Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)\n* Fix restoring Cc/Bcc fields from local storage (#7554)\n* Fix jstz.min.js installation, bump version to 1.0.7\n* Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)\n* Fix link to closure compiler in bin/jsshrink.sh script (#7567)\n* Fix bug where some parts of a message could have been missing in a reply/forward body (#7568)\n* Fix empty space on mail printouts in Chrome (#7604)\n* Fix empty output from HTML5 parser when content contains XML tag (#7624)\n* Fix scroll jump on key press in plain text mode of the HTML editor (#7622)\n* Fix so autocompletion list does not hide on scroll inside it (#7592)\n\nupdate to 1.4.8 with security fixes:\n\n* Fix cross-site scripting (XSS) via HTML messages with malicious svg content (CVE-2020-16145)\n* Fix cross-site scripting (XSS) via HTML messages with malicious math content\n\nupdate to 1.4.7 with security fix:\n\n* Fix bug where subfolders of special folders could have been duplicated on folder list\n* Increase maximum size of contact jobtitle and department fields to 128 characters\n* Fix missing newline after the logged line when writing to stdout (#7418)\n* Elastic: Fix context menu (paste) on the recipient input (#7431)\n* Fix problem with forwarding inline images attached to messages with no HTML part (#7414)\n* Fix problem with handling attached images with same name when using\n database_attachments/redundant_attachments (#7455)\n\n- add http.inc file\n\n * include one file for 
php5/php7 admin flags/values\n\nupdate to 1.4.5\n\nSecurity fixes\n* Fix XSS issue in template object 'username' (#7406)\n* Fix cross-site scripting (XSS) via malicious XML attachment\n* Fix a couple of XSS issues in Installer (#7406)\n* Better fix for CVE-2020-12641\n\nOther changes\n\n* Fix bug in extracting required plugins from composer.json that led \n to spurious error in log (#7364)\n* Fix so the database setup description is compatible with MySQL 8 (#7340)\n* Markasjunk: Fix regression in jsevent driver (#7361)\n* Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)\n* Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)\n* Password: Fix issue with Modoboa driver (#7372)\n* Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)\n* Mailvelope: Fix Encrypt button hidden in Elastic (#7353)\n* Fix PHP warning: count(): Parameter must be an array or an object... \n in ID command handler (#7392)\n* Fix error when user-configured skin does not exist anymore (#7271)\n* Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)\n* Fix bug where PDF attachments marked as inline could have not been \n attached on mail forward (#7382)\n* Security: Fix a couple of XSS issues in Installer (#7406)\n* Security: Better fix for CVE-2020-12641\n\nupdate to 1.4.4\n\n* Fix bug where attachments with Content-Id were attached to the message on reply (#7122)\n* Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211)\n* Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230)\n* Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231)\n* Elastic: Fix color of a folder with recent messages (#7281)\n* Elastic: Restrict logo size in print view (#7275)\n* Fix invalid Content-Type for messages with only html part and inline images * Mail_Mime-1.10.7 
(#7261)\n* Fix missing contact display name in QR Code data (#7257)\n* Fix so button label in Select image/media dialogs is 'Close' not 'Cancel' (#7246)\n* Fix regression in testing database schema on MSSQL (#7227)\n* Fix cursor position after inserting a group to a recipient input using autocompletion (#7267)\n* Fix string literals handling in IMAP STATUS (and various other) responses (#7290)\n* Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293)\n* Fix handling keyservers configured with protocol prefix (#7295)\n* Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189)\n* Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206)\n* Fix so imap error message is displayed to the user on folder create/update (#7245)\n* Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147)\n* Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312)\n* Fix characters encoding in group rename input after group creation/rename (#7330)\n* Fix bug where some message/rfc822 parts could not be attached on forward (#7323)\n* Make install-jsdeps.sh script working without the 'file' program installed (#7325)\n* Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331)\n* Fix so Print button for PDF attachments works on Firefox >= 75 (#5125)\n\nupdate to 1.4.3\n\n* Enigma: Fix so key list selection is reset when opening key creation form (#7154)\n* Enigma: Fix so using list checkbox selection does not load the key preview frame\n* Enigma: Fix generation of key pairs for identities with IDN domains (#7181)\n* Enigma: Display IDN domains of key users and identities in UTF8\n* Enigma: Fix bug where 'Send unencrypted' button didn't work in Elastic skin (#7205)\n* Managesieve: Fix bug where it wasn't possible to save flag actions (#7188)\n* Markasjunk: Fix bug where 
marking as spam/ham didn't work on moving messages with drag-and-drop (#7137)\n* Password: Make chpass-wrapper.py Python 3 compatible (#7135)\n* Elastic: Fix disappearing sidebar in mail compose after clicking Mail button\n* Elastic: Fix incorrect aria-disabled attribute on Mail taskmenu button in mail compose\n* Elastic: Fix bug where it was possible to switch editor mode when 'htmleditor' was in 'dont_override' (#7143)\n* Elastic: Fix text selection in recipient inputs (#7129)\n* Elastic: Fix missing Close button in 'more recipients' dialog\n* Elastic: Fix non-working folder subscription checkbox for newly added folders (#7174)\n* Fix regression where 'Open in new window' action didn't work (#7155)\n* Fix PHP Warning: array_filter() expects parameter 1 to be array, null given in subscriptions_option plugin (#7165)\n* Fix unexpected error message when mail refresh involves folder auto-unsubscribe (#6923)\n* Fix recipient duplicates in print-view when the recipient list has been expanded (#7169)\n* Fix bug where files in skins/ directory were listed on skins list (#7180)\n* Fix bug where message parts with no Content-Disposition header and no name were not listed on attachments list (#7117)\n* Fix display issues with mail subject that contains line-breaks (#7191)\n* Fix invalid Content-Transfer-Encoding on multipart messages - Mail_Mime fix (#7170)\n* Fix regression where using an absolute path to SQLite database file on Windows didn't work (#7196)\n* Fix using unix:///path/to/socket.file in memcached driver (#7210)\n\n- prefer brotli over gzip if brotli is available:\n + enable mod_brotli in roundcubemail-httpd.conf (after deflate)\n + enable brotli via a2enmod for new installations\n\nupdate to 1.4.2:\n\n* Plugin API: Make actionbefore, before, actionafter and after \n\t events working with plugin actions (#7106)\n* Managesieve: Replace 'Filter disabled' with 'Filter enabled' (#7028)\n* Managesieve: Fix so modifier type select wasn't hidden after hiding \n\t 
modifier select on header change\n* Managesieve: Fix filter selection after removing a first filter (#7079)\n* Markasjunk: Fix marking more than one message as spam/ham with \n\t email_learn driver (#7121)\n* Password: Fix kpasswd and smb drivers' double-escaping bug (#7092)\n* Enigma: Add script to import keys from filesystem to the db \n\t storage (for multihost)\n* Installer: Fix DB Write test on SQLite database\n\t ('database is locked' error) (#7064)\n* Installer: Fix so SQLite DSN with a relative path to the database\n\t file works in Installer\n* Elastic: Fix contrast of warning toasts (#7058)\n* Elastic: Simple search in pretty selects (#7072)\n* Elastic: Fix hidden list widget on mobile/tablet when selecting \n\t folder while search menu is open (#7120)\n* Fix so type attribute on script tags is not used on HTML5 pages (#6975)\n* Fix unread count after purge on a folder that is not currently selected (#7051)\n* Fix bug where Enter key didn't work on messages list in 'List' layout (#7052)\n* Fix bug where deleting a saved search in addressbook caused \n display issue on sources/groups list (#7061)\n* Fix bug where a new saved search added after removing all searches\n wasn't added to the list (#7061)\n* Fix bug where a new contact group added after removing all groups\n from addressbook wasn't added to the list\n* Fix so install-jsdeps.sh removes Bootstrap's sourceMappingURL (#7035)\n* Fix so use of Ctrl+A does not scroll the list (#7020)\n* Fix/remove useless keyup event handler on username input in logon form (#6970)\n* Fix bug where cancelling switching from HTML to plain text didn't\n set the flag properly (#7077)\n* Fix bug where HTML reply could add an empty line with extra indentation\n above the original message (#7088)\n* Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)\n* Fix so displayed maximum attachment size depends also on 'max_message_size' (#7105)\n* Fix bug where 'skins_allowed' option didn't enforce user skin 
\n preference (#7080)\n* Fix so contact's organization field accepts up to 128 characters\n (it was 50)\n* Fix bug where listing tables in PostgreSQL database with db_prefix \n didn't work (#7093)\n* Fix bug where 'text' attribute on body tag was ignored when \n displaying HTML message (#7109)\n* Fix bug where next message wasn't displayed after delete in List mode (#7096)\n* Fix so number of contacts in a group is not limited to 200 when\n redirecting to mail composer from Contacts (#6972)\n* Fix malformed characters in HTML message with charset meta tag \n not in head (#7116)\n\n- php documentor is not needed on a productive system -> remove\n- also fix /usr/bin/env calls for two vendor scripts\n- skins now have some configurable files in their directories: \n move those files over to /etc/roundcubemail/skins/\n- move other text files (incl. vendor ones) out of the root \n directory (and handle the LICENSE file a bit different)\n- enable mod_filter and add AddOutputFilterByType for common media\n types like html, javascript or xml\n- enable php7 on newer openSUSE versions\n- enable deflate, expires, filter, headers and setenvif on a new \n installation - do not enable any module in case of an update\n- recommend php-imagick for additional features\n\n- fixed most of the shell scripts to contain /usr/bin/php\n\nUpgrade to version 1.4.1:\n\n* new defaults for smtp_* config options\n* changed default password_charset to UTF-8\n* login page returning 401 Unauthorized status\n\nUpgrade to version 1.4.0:\n\n* Update to jQuery 3.4.1\n* Update to TinyMCE 4.8.2\n* Update to jQuery-MiniColors 2.3.4\n* Clarified 'address_book_type' option behavior (#6680)\n* Added cookie mismatch detection, display an error message informing the user to clear cookies\n* Renamed 'log_session' option to 'session_debug'\n* Removed 'delete_always' option (#6782)\n* Don't log full session identifiers in userlogins log (#6625)\n* Support $HasAttachment/$HasNoAttachment keywords (#6201)\n* Support 
PECL memcached extension as a session and cache storage driver (experimental)\n* Switch to IDNA2008 variant (#6806)\n* installto.sh: Add possibility to run the update even on the up-to-date installation (#6533)\n* Plugin API: Add 'render_folder_selector' hook\n* Added 'keyservers' option to define list of HKP servers for Enigma/Mailvelope (#6326)\n* Added flag to disable server certificate validation via Mysql DSN argument (#6848)\n* Select all records on the current list page with CTRL + A (#6813)\n* Use Left/Right Arrow keys to faster move over threaded messages list (#6399)\n* Changes in display_next setting (#6795):\n* * Move it to Preferences > User Interface > Main Options\n* * Make it apply to Contacts interface too\n* * Make it apply only if deleting/moving a previewed message/contact\n* Redis: Support connection to unix socket\n* Put charset meta specification before a title tag, add page title automatically (#6811)\n* Elastic: Various internal refactorings\n* Elastic: Add Prev/Next buttons on message page toolbar (#6648)\n* Elastic: Close search options on Enter key press in quick-search input (#6660)\n* Elastic: Changed some icons (#6852)\n* Elastic: Changed read/unread icons (#6636)\n* Elastic: Changed 'Move to...' 
icon (#6637)\n* Elastic: Add hide/show for advanced preferences (#6632)\n* Elastic: Add default icon on Settings/Preferences lists for external plugins (#6814)\n* Elastic: Add indicator for popover menu items that open a submenu (#6868)\n* Elastic: Move compose attachments/options to the right side (#6839)\n* Elastic: Add border/background to attachments list widget (#6842)\n* Elastic: Add 'Show unread messages' button to the search bar (#6587)\n* Elastic: Fix bug where toolbar disappears on attachment menu use in Chrome (#6677)\n* Elastic: Fix folders list scrolling on touch devices (#6706)\n* Elastic: Fix non-working pretty selects in Chrome browser (#6705)\n* Elastic: Fix issue with absolute positioned mail content (#6739)\n* Elastic: Fix bug where some menu actions could cause a browser popup warning\n* Elastic: Fix handling mailto: URL parameters in contact menu (#6751)\n* Elastic: Fix keyboard navigation in some menus, e.g. the contact menu\n* Elastic: Fix visual issue with long buttons in .boxwarning (#6797)\n* Elastic: Fix handling new-line in text pasted to a recipient input\n* Elastic: Fix so search is not reset when returning from the message preview page (#6847)\n* Larry: Fix regression where menu actions didn't work with keyboard (#6740)\n* ACL: Display user/group names (from ldap) instead of acl identifier\n* Password: Added ldap_exop driver (#4992)\n* Password: Added support for SSHA512 password algorithm (#6805)\n* Managesieve: Fix bug where global includes were requested for vacation (#6716)\n* Managesieve: Use RFC-compliant line endings, CRLF instead of LF (#6686)\n* Managesieve: Fix so 'Create filter' option does not show up when Filters menu is disabled (#6723)\n* Enigma: For verified signatures, display the user id associated with the sender address (#5958)\n* Enigma: Fix bug where revoked users/keys were not greyed out in key info\n* Enigma: Fix error message when trying to encrypt with a revoked key (#6607)\n* Enigma: Fix 'decryption oracle' 
bug [CVE-2019-10740] (#6638)\n* Enigma: Fix bug where signature verification could have been skipped for some message structures (#6838)\n* Fix language selection for spellchecker in html mode (#6915)\n* Fix css styles leak from replied/forwarded message to the rest of the composed text (#6831)\n* Fix invalid path to 'add contact' icon when using assets_path setting\n* Fix invalid path to blocked.gif when using assets_path setting (#6752)\n* Fix so advanced search dialog is not automatically displayed on searchonly addressbooks (#6679)\n* Fix so an error is logged when more than one attachment plugin has been enabled, initialize the first one (#6735)\n* Fix bug where flag change could have been passed to a preview frame when not expected\n* Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag (#6713)\n* Fix bug where HTML messages with a xml:namespace tag were not rendered (#6697)\n* Fix TinyMCE download location (#6694)\n* Fix so 'Open in new window' consistently displays 'external window' interface (#6659)\n* Fix bug where next row wasn't selected after deleting a collapsed thread (#6655)\n* Fix bug where external content (e.g. 
mail body) was passed to templates parsing code (#6640)\n* Fix bug where attachment preview didn't work with x_frame_options=deny (#6688)\n* Fix so bin/install-jsdeps.sh returns error code on error (#6704)\n* Fix bug where bmp images couldn't be displayed on some systems (#6728)\n* Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)\n* Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)\n* Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)\n* Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793)\n* Fix bug where selection of columns on messages list wasn't working\n* Fix bug in converting multi-page Tiff images to Jpeg (#6824)\n* Fix bug where handling multiple messages from multi-folder search result could not work (#6845)\n* Fix bug where unread count wasn't updated after moving multi-folder result (#6846)\n* Fix wrong messages order after returning to a multi-folder search result (#6836)\n* Fix some PHP 7.4 compat. 
issues (#6884, #6866)\n* Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)\n* Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)\n* Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)\n* Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)\n* Changed 'password_charset' default to 'UTF-8' (#6522)\n* Add skins_allowed option (#6483)\n* SMTP GSSAPI support via krb_authentication plugin (#6417)\n* Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385)\n* Removed 'referer_check' option (#6440)\n* Use constant prefix for temp file names, don't remove temp files from other apps (#6511)\n* Ignore 'Sender' header on Reply-All action (#6506)\n* deluser.sh: Add option to delete users who have not logged in for more than X days (#6340)\n* HTML5 Upload Progress - as a replacement for the old server-side solution (#6177)\n* Prevent from using deprecated timezone names from jsTimezoneDetect\n* Force session.gc_probability=1 when using custom session handlers (#6560)\n* Support simple field labels (e.g. 
LetterHub examples) in csv imports (#6541)\n* Add cache busters also to images used by templates (#6610)\n* Plugin API: Added 'raise_error' hook (#6199)\n* Plugin API: Added 'common_headers' hook (#6385)\n* Plugin API: Added 'ldap_connected' hook\n* Enigma: Update to OpenPGPjs 4.2.1 - fixes user name encoding issues in key generation (#6524)\n* Enigma: Fixed multi-host synchronization of private and deleted keys and pubring.kbx file\n* Managesieve: Added support for 'editheader' extension - RFC5293 (#5954)\n* Managesieve: Fix bug where custom header or variable could be lost on form submission (#6594)\n* Markasjunk: Integrate markasjunk2 features into markasjunk - marking as non-junk + learning engine (#6504)\n* Password: Added 'modoboa' driver (#6361)\n* Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436)\n* Password: Fix bug where new users could skip forced password change (#6434)\n* Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473)\n* Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246)\n* Passowrd: Allow drivers to define password strength rules displayed to the user\n* Password: Allow separate password saving and strength drivers for use of strength checking services (#5040)\n* Password: Add zxcvbn driver for checking password strength (#6479)\n* Password: Disallow control characters in passwords\n* Password: Add support for Plesk >= 17.8 (#6526)\n* Elastic: Improved datepicker displayed always in parent window\n* Elastic: On touch devices display attachment icons on messages list (#6296)\n* Elastic: Make menu button inactive if all subactions are inactive (#6444)\n* Elastic: On mobile/tablet jump to the list on folder selection (#6415)\n* Elastic: Various improvements on mail compose screen (#6413)\n* Elastic: Support new-line char as a separator for pasted recipients (#6460)\n* Elastic: Improved UX of 
search dialogs (#6416)\n* Elastic: Fix unwanted thread expanding when selecting a collapsed thread in non-mobile mode (#6445)\n* Elastic: Fix too small height of mailvelope mail preview frame (#6600)\n* Elastic: Add 'status bar' for mobile in mail composer\n* Elastic: Add selection options on contacts list (#6595)\n* Elastic: Fix unintentional layout preference overwrite (#6613)\n* Elastic: Fix bug where Enigma options in mail compose could sometimes be ignored (#6515)\n* Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433)\n* Fix regression where drafts were not deleted after sending the message (#6756)\n* Fix so max_message_size limit is checked also when forwarding messages as attachments (#6580)\n* Fix so performance stats are logged to the main console log also when per_user_logging=true\n* Fix malformed message saved into Sent folder when using big attachments and low memory limit (#6498)\n* Fix incorrect IMAP SASL GSSAPI negotiation (#6308)\n* Fix so unicode in local part of the email address is also supported in recipient inputs (#6490)\n* Fix bug where autocomplete list could be displayed out of screen (#6469)\n* Fix style/navigation on error page depending on authentication state (#6362)\n* Fix so invalid smtp_helo_host is never used, fallback to localhost (#6408)\n* Fix custom logo size in Elastic (#6424)\n* Fix listing the same attachment multiple times on forwarded messages\n* Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494)\n* Fix inconsistent offset for various time zones - always display Standard Time offset (#6531)\n* Fix dummy Message-Id when resuming a draft without Message-Id header (#6548)\n* Fix handling of empty entries in vCard import (#6564)\n* Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)\n* Fix PHP 7.2 compatibility in debug_logger plugin (#6586)\n* Fix so ANY record is not used for email domain validation, use A, MX, 
CNAME, AAAA instead (#6581)\n* Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)\n* Fix missing CSRF token on a link to download too-big message part (#6621)\n* Fix bug when aborting dragging with ESC key didn't stop the move action (#6623)\n* Improved Mailvelope integration\n* * Added private key listing and generating to identity settings\n* * Enable encrypt & sign option if Mailvelope supports it\n* Allow contacts without an email address (#5079)\n* Support SMTPUTF8 and relax email address validation to support unicode in local part (#5120)\n* Support for IMAP folders that cannot contain both folders and messages (#5057)\n* Remove sample PHP configuration from .htaccess and .user.ini files (#5850)\n* Extend skin_logo setting to allow per skin logos (#6272)\n* Use Masterminds/HTML5 parser for better HTML5 support (#5761)\n* Add More actions button in Contacts toolbar with Copy/Move actions (#6081)\n* Display an error when clicking disabled link to register protocol handler (#6079)\n* Add option trusted_host_patterns (#6009, #5752)\n* Support additional connect parameters in PostgreSQL database wrapper\n* Use UI dialogs instead of confirm() and alert() where possible\n* Display value of the SMTP message size limit in the error message (#6032)\n* Show message flagged status in message view (#5080)\n* Skip redundant INSERT query on successful logon when using PHP7\n* Replace display_version with display_product_version (#5904)\n* Extend disabled_actions config so it accepts also button names (#5903)\n* Handle remote stylesheets the same as remote images, ask the user to allow them (#5994)\n* Add Message-ID to the sendmail log (#5871)\n* Add option to hide folders in share/other-user namespace or outside of the personal namespace root (#5073)\n* Archive: Fix archiving by sender address on cyrus-imap\n* Archive: Style Archive folder also on folder selector and folder manager lists\n* Archive: 
Add Thunderbird compatible Month option (#5623)\n* Archive: Create archive folder automatically if it's configured, but does not exist (#6076)\n* Enigma: Add button to send mail unencrypted if no key was found (#5913)\n* Enigma: Add options to set PGP cipher/digest algorithms (#5645)\n* Enigma: Multi-host support\n* Managesieve: Add ability to disable filter sets and other actions (#5496, #5898)\n* Managesieve: Add option managesieve_forward to enable settings dialog for simple forwarding (#6021)\n* Managesieve: Support filter action with custom IMAP flags (#6011)\n* Managesieve: Support 'mime' extension tests - RFC5703 (#5832)\n* Managesieve: Support GSSAPI authentication with krb_authentication plugin (#5779)\n* Managesieve: Support enabling the plugin for specified hosts only (#6292)\n* Password: Support host variables in password_db_dsn option (#5955)\n* Password: Automatic virtualmin domain setting, removed password_virtualmin_format option (#5759)\n* Password: Added password_username_format option (#5766)\n* subscriptions_option: show \\Noselect folders greyed out (#5621)\n* zipdownload: Added option to define size limit for multiple messages download (#5696)\n* vcard_attachments: Add possibility to send contact vCard from Contacts toolbar (#6080)\n* Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587)\n* Composer: Fix certificate validation errors by using packagist only (#5148)\n* Add --get and --extract arguments and CACHEDIR env-variable support to install-jsdeps.sh (#5882)\n* Support _filter and _scope as GET arguments for opening mail UI (#5825)\n* Various improvements for templating engine and skin behaviours\n* * Support conditional include\n* * Support for 'link' objects\n* * Support including files with path relative to templates directory\n* * Use instead of for submit button on logon screen\n* Support skin localization (#5853)\n* Reset onerror on images if placeholder does not exist to prevent from requests storm\n* Unified and 
simplified code for loading content frame for responses and identities\n* Display contact import and advanced search in popup dialogs\n* Display a dialog for mail import with supported format description and upload size hint\n* Make possible to set (some) config options from a skin\n* Added optional checkbox selection for the list widget\n* Make 'compose' command always enabled\n* Add .log suffix to all log file names, add option log_file_ext to control this (#313)\n* Return '401 Unauthorized' status when login fails (#5663)\n* Support both comma and semicolon as recipient separator, drop recipients_separator option (#5092)\n* Plugin API: Added 'show_bytes' hook (#5001)\n* Add option to not indent quoted text on top-posting reply (#5105)\n* Removed global $CONFIG variable\n* Removed debug_level setting\n* Support AUTHENTICATE LOGIN for IMAP connections (#5563)\n* Support LDAP GSSAPI authentication (#5703)\n* Localized timezone selector (#4983)\n* Use 7bit encoding for ISO-2022-* charsets in sent mail (#5640)\n* Handle inline images also inside multipart/mixed messages (#5905)\n* Allow style tags in HTML editor on composed/reply messages (#5751)\n* Use Github API as a fallback to fetch js dependencies to workaround throttling issues (#6248)\n* Show confirm dialog when moving folders using drag and drop (#6119)\n* Fix bug where new_user_dialog email check could have been circumvented by deleting / abandoning session (#5929)\n* Fix skin extending for assets (#5115)\n* Fix handling of forwarded messages inside of a TNEF message (#5632)\n* Fix bug where attachment size wasn't visible when the filename was too long (#6033)\n* Fix checking table columns when there's more schemas/databases in postgres/mysql (#6047)\n* Fix css conflicts in user interface and e-mail content (#5891)\n* Fix duplicated signature when using Back button in Chrome (#5809)\n* Fix touch event issue on messages list in IE/Edge (#5781)\n* Fix so links over images are not removed in plain text 
signatures converted from HTML (#4473)\n* Fix various issues when downloading files with names containing non-ascii chars, use RFC 2231 (#5772)\n\nUpgrade to version 1.3.10:\n\n* Enigma: Fix 'decryption oracle' bug [CVE-2019-10740] (#6638)\n\nUpgrade to version 1.3.9:\n\n* Fix TinyMCE download location(s) (#6694)\n* Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)\n\nUpgrade to version 1.3.8:\n\n* Fix support for 'allow-from ' in x_frame_options config option (#6449)\n\n- add files with .log entry to logrotate config\n\nenhance apache configuration by:\n\n+ disable mbstring function overload (http://bugs.php.net/bug.php?id=30766)\n+ do not allow to see README*, INSTALL, LICENSE or CHANGELOG files\n+ set additional headers:\n\n + Content-Security-Policy: ask browsers to not set the referrer\n + Cache-Control: ask not to cache the content\n + Strict-Transport-Security: set HSTS rules for SSL traffic\n + X-XSS-Protection: configure built in reflective XSS protection\n\nadjust README.openSUSE: \n\n+ db.inc.php is not used any longer\n+ flush privileges after creating/changing users in mysql\n\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2022-10148", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_10148-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:10148-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WUL4HE7A5MLE433XPBQYBUU6265EYNA/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:10148-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WUL4HE7A5MLE433XPBQYBUU6265EYNA/", }, { category: "self", summary: "SUSE Bug 1180132", url: "https://bugzilla.suse.com/1180132", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE CVE CVE-2019-10740 page", url: "https://www.suse.com/security/cve/CVE-2019-10740/", }, { category: "self", summary: "SUSE CVE CVE-2020-12641 page", url: "https://www.suse.com/security/cve/CVE-2020-12641/", }, { category: "self", summary: "SUSE CVE CVE-2020-16145 page", url: "https://www.suse.com/security/cve/CVE-2020-16145/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2022-10-16T19:12:24Z", generator: { date: "2022-10-16T19:12:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:10148-1", initial_release_date: "2022-10-16T19:12:24Z", revision_history: [ { date: "2022-10-16T19:12:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.5.3-bp154.2.3.1.noarch", product: { name: "roundcubemail-1.5.3-bp154.2.3.1.noarch", product_id: "roundcubemail-1.5.3-bp154.2.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP3", product: { name: "SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3", }, }, { category: "product_name", name: "SUSE Package Hub 15 SP4", product: { name: "SUSE 
Package Hub 15 SP4", product_id: "SUSE Package Hub 15 SP4", }, }, { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.5.3-bp154.2.3.1.noarch as component of SUSE Package Hub 15 SP3", product_id: "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", }, product_reference: "roundcubemail-1.5.3-bp154.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP3", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.5.3-bp154.2.3.1.noarch as component of SUSE Package Hub 15 SP4", product_id: "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", }, product_reference: "roundcubemail-1.5.3-bp154.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP4", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.5.3-bp154.2.3.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", }, product_reference: "roundcubemail-1.5.3-bp154.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.5.3-bp154.2.3.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", }, product_reference: "roundcubemail-1.5.3-bp154.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: 
"CVE-2019-10740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10740", }, ], notes: [ { category: "general", text: "In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-10740", url: "https://www.suse.com/security/cve/CVE-2019-10740", }, { category: "external", summary: "SUSE Bug 1131801 for CVE-2019-10740", url: "https://bugzilla.suse.com/1131801", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2019-10740", url: "https://bugzilla.suse.com/1175135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 
SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-16T19:12:24Z", details: "moderate", }, ], title: "CVE-2019-10740", }, { cve: "CVE-2020-12641", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12641", }, ], notes: [ { category: "general", text: "rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-12641", url: "https://www.suse.com/security/cve/CVE-2020-12641", }, { category: "external", summary: "SUSE Bug 1171148 for CVE-2020-12641", url: "https://bugzilla.suse.com/1171148", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2020-12641", url: "https://bugzilla.suse.com/1175135", }, { category: "external", summary: "SUSE Bug 1226069 for CVE-2020-12641", url: "https://bugzilla.suse.com/1226069", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], scores: [ { 
cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-16T19:12:24Z", details: "critical", }, ], title: "CVE-2020-12641", }, { cve: "CVE-2020-16145", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16145", }, ], notes: [ { category: "general", text: "Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16145", url: "https://www.suse.com/security/cve/CVE-2020-16145", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2020-16145", url: "https://bugzilla.suse.com/1175135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-16T19:12:24Z", details: "moderate", }, ], title: "CVE-2020-16145", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", 
vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "SUSE Package Hub 15 SP4:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.3:roundcubemail-1.5.3-bp154.2.3.1.noarch", "openSUSE Leap 15.4:roundcubemail-1.5.3-bp154.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-16T19:12:24Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2021:0959-1
Vulnerability from csaf_opensuse
Published
2021-07-02 18:06
Modified
2021-07-02 18:06
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patchnames
openSUSE-2021-959
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3.\n\nIt fixes a recently reported stored cross-site scripting (XSS)\nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-959", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0959-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0959-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MQFQAJIVNNLDRXMOUJWPMCCBT4WU5N5O/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0959-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MQFQAJIVNNLDRXMOUJWPMCCBT4WU5N5O/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-07-02T18:06:27Z", generator: { date: "2021-07-02T18:06:27Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0959-1", initial_release_date: "2021-07-02T18:06:27Z", revision_history: [ { date: "2021-07-02T18:06:27Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-bp152.4.10.1.noarch", product: { name: "roundcubemail-1.3.16-bp152.4.10.1.noarch", product_id: "roundcubemail-1.3.16-bp152.4.10.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP2", product: { name: "SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], 
relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-bp152.4.10.1.noarch as component of SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", }, product_reference: "roundcubemail-1.3.16-bp152.4.10.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-02T18:06:27Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", }, ], 
product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-02T18:06:27Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.10.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-02T18:06:27Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2021:0931-1
Vulnerability from csaf_opensuse
Published
2021-06-27 05:03
Modified
2021-06-27 05:03
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
Patchnames
openSUSE-2021-931
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3.\n\nIt fixes a recently reported stored cross-site scripting (XSS)\nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-931", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0931-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0931-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPPHYZD6Y3QJBTGPLX66Y3DJ3KCNEUJQ/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0931-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPPHYZD6Y3QJBTGPLX66Y3DJ3KCNEUJQ/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-06-27T05:03:50Z", generator: { date: "2021-06-27T05:03:50Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0931-1", initial_release_date: "2021-06-27T05:03:50Z", revision_history: [ { date: "2021-06-27T05:03:50Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-lp152.4.6.1.noarch", product: { name: "roundcubemail-1.3.16-lp152.4.6.1.noarch", product_id: "roundcubemail-1.3.16-lp152.4.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", 
}, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-lp152.4.6.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", }, product_reference: "roundcubemail-1.3.16-lp152.4.6.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-27T05:03:50Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", 
}, ], product_status: { recommended: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-27T05:03:50Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:roundcubemail-1.3.16-lp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-27T05:03:50Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2021:0974-1
Vulnerability from csaf_opensuse
Published
2021-07-06 04:06
Modified
2021-07-06 04:06
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patchnames
openSUSE-2021-974
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3.\n\nIt fixes a recently reported stored cross-site scripting (XSS)\nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-974", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0974-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0974-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CGT4RWCLEWSTAAYEWMVZRY24ZY53D2Z3/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0974-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CGT4RWCLEWSTAAYEWMVZRY24ZY53D2Z3/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-07-06T04:06:38Z", generator: { date: "2021-07-06T04:06:38Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0974-1", initial_release_date: "2021-07-06T04:06:38Z", revision_history: [ { date: "2021-07-06T04:06:38Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-bp152.4.14.1.noarch", product: { name: "roundcubemail-1.3.16-bp152.4.14.1.noarch", product_id: "roundcubemail-1.3.16-bp152.4.14.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP2", product: { name: "SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], 
relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-bp152.4.14.1.noarch as component of SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", }, product_reference: "roundcubemail-1.3.16-bp152.4.14.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-06T04:06:38Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", }, ], 
product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-06T04:06:38Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.14.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-07-06T04:06:38Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2021:0942-1
Vulnerability from csaf_opensuse
Published
2021-06-29 14:06
Modified
2021-06-29 14:06
Summary
Security update for roundcubemail
Notes
Title of the patch
Security update for roundcubemail
Description of the patch
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php (boo#1187707)
- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)
- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
Patchnames
openSUSE-2021-942
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for roundcubemail", title: "Title of the patch", }, { category: "description", text: "This update for roundcubemail fixes the following issues:\n\nUpgrade to version 1.3.16\n\nThis is a security update to the LTS version 1.3. \n\nIt fixes a recently reported stored cross-site scripting (XSS) \nvulnerability via HTML or plain text messages with malicious content.\n\nReferences:\n\n- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707)\n- CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706)\n- CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-942", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0942-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:0942-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DFRT3CZ2UBV2PGLI4GUZ7AGDCQXVUQR/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:0942-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DFRT3CZ2UBV2PGLI4GUZ7AGDCQXVUQR/", }, { category: "self", summary: "SUSE Bug 1180399", url: "https://bugzilla.suse.com/1180399", }, { category: "self", summary: "SUSE Bug 1187706", url: "https://bugzilla.suse.com/1187706", }, { category: "self", summary: "SUSE Bug 1187707", url: "https://bugzilla.suse.com/1187707", }, { category: "self", summary: "SUSE CVE CVE-2020-18670 page", url: "https://www.suse.com/security/cve/CVE-2020-18670/", }, { category: "self", summary: "SUSE CVE CVE-2020-18671 page", url: "https://www.suse.com/security/cve/CVE-2020-18671/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "Security update for roundcubemail", tracking: { current_release_date: "2021-06-29T14:06:38Z", generator: { date: "2021-06-29T14:06:38Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:0942-1", initial_release_date: "2021-06-29T14:06:38Z", revision_history: [ { date: "2021-06-29T14:06:38Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.3.16-bp152.4.6.1.noarch", product: { name: "roundcubemail-1.3.16-bp152.4.6.1.noarch", product_id: "roundcubemail-1.3.16-bp152.4.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP2", product: { name: "SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2", }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], 
relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.3.16-bp152.4.6.1.noarch as component of SUSE Package Hub 15 SP2", product_id: "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", }, product_reference: "roundcubemail-1.3.16-bp152.4.6.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-18670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18670", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18670", url: "https://www.suse.com/security/cve/CVE-2020-18670", }, { category: "external", summary: "SUSE Bug 1187707 for CVE-2020-18670", url: "https://bugzilla.suse.com/1187707", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T14:06:38Z", details: "low", }, ], title: "CVE-2020-18670", }, { cve: "CVE-2020-18671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-18671", }, ], notes: [ { category: "general", text: "Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.", title: "CVE description", }, ], 
product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-18671", url: "https://www.suse.com/security/cve/CVE-2020-18671", }, { category: "external", summary: "SUSE Bug 1187706 for CVE-2020-18671", url: "https://bugzilla.suse.com/1187706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T14:06:38Z", details: "low", }, ], title: "CVE-2020-18671", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Package Hub 15 SP2:roundcubemail-1.3.16-bp152.4.6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-06-29T14:06:38Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
opensuse-su-2024:11303-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
roundcubemail-1.4.11-1.3 on GA media
Notes
Title of the patch
roundcubemail-1.4.11-1.3 on GA media
Description of the patch
These are all security issues fixed in the roundcubemail-1.4.11-1.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11303
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "roundcubemail-1.4.11-1.3 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the roundcubemail-1.4.11-1.3 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11303", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11303-1.json", }, { category: "self", summary: "SUSE CVE CVE-2017-16651 page", url: "https://www.suse.com/security/cve/CVE-2017-16651/", }, { category: "self", summary: "SUSE CVE CVE-2017-6820 page", url: "https://www.suse.com/security/cve/CVE-2017-6820/", }, { category: "self", summary: "SUSE CVE CVE-2017-8114 page", url: "https://www.suse.com/security/cve/CVE-2017-8114/", }, { category: "self", summary: "SUSE CVE CVE-2018-9846 page", url: "https://www.suse.com/security/cve/CVE-2018-9846/", }, { category: "self", summary: "SUSE CVE CVE-2019-10740 page", url: "https://www.suse.com/security/cve/CVE-2019-10740/", }, { category: "self", summary: "SUSE CVE CVE-2020-12641 page", url: 
"https://www.suse.com/security/cve/CVE-2020-12641/", }, { category: "self", summary: "SUSE CVE CVE-2020-16145 page", url: "https://www.suse.com/security/cve/CVE-2020-16145/", }, { category: "self", summary: "SUSE CVE CVE-2020-35730 page", url: "https://www.suse.com/security/cve/CVE-2020-35730/", }, ], title: "roundcubemail-1.4.11-1.3 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11303-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "roundcubemail-1.4.11-1.3.aarch64", product: { name: "roundcubemail-1.4.11-1.3.aarch64", product_id: "roundcubemail-1.4.11-1.3.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "roundcubemail-1.4.11-1.3.ppc64le", product: { name: "roundcubemail-1.4.11-1.3.ppc64le", product_id: "roundcubemail-1.4.11-1.3.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "roundcubemail-1.4.11-1.3.s390x", product: { name: "roundcubemail-1.4.11-1.3.s390x", product_id: "roundcubemail-1.4.11-1.3.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "roundcubemail-1.4.11-1.3.x86_64", product: { name: "roundcubemail-1.4.11-1.3.x86_64", product_id: "roundcubemail-1.4.11-1.3.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", 
name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "roundcubemail-1.4.11-1.3.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", }, product_reference: "roundcubemail-1.4.11-1.3.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.4.11-1.3.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", }, product_reference: "roundcubemail-1.4.11-1.3.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.4.11-1.3.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", }, product_reference: "roundcubemail-1.4.11-1.3.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "roundcubemail-1.4.11-1.3.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", }, product_reference: "roundcubemail-1.4.11-1.3.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16651", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16651", }, ], notes: [ { category: "general", text: "Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. 
The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16651", url: "https://www.suse.com/security/cve/CVE-2017-16651", }, { category: "external", summary: "SUSE Bug 1067574 for CVE-2017-16651", url: "https://bugzilla.suse.com/1067574", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-16651", }, { cve: "CVE-2017-6820", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6820", }, ], notes: [ { category: "general", text: "rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.", title: "CVE description", }, ], 
product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6820", url: "https://www.suse.com/security/cve/CVE-2017-6820", }, { category: "external", summary: "SUSE Bug 1029035 for CVE-2017-6820", url: "https://bugzilla.suse.com/1029035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6820", }, { cve: "CVE-2017-8114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8114", }, ], notes: [ { category: "general", text: "Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. 
The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8114", url: "https://www.suse.com/security/cve/CVE-2017-8114", }, { category: "external", summary: "SUSE Bug 1036955 for CVE-2017-8114", url: "https://bugzilla.suse.com/1036955", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-8114", }, { cve: "CVE-2018-9846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9846", }, ], notes: [ { category: "general", text: "In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled \"_uid\" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to 
perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9846", url: "https://www.suse.com/security/cve/CVE-2018-9846", }, { category: "external", summary: "SUSE Bug 1089461 for CVE-2018-9846", url: "https://bugzilla.suse.com/1089461", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9846", }, { cve: "CVE-2019-10740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10740", }, ], notes: [ { category: "general", text: "In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. 
The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10740", url: "https://www.suse.com/security/cve/CVE-2019-10740", }, { category: "external", summary: "SUSE Bug 1131801 for CVE-2019-10740", url: "https://bugzilla.suse.com/1131801", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2019-10740", url: "https://bugzilla.suse.com/1175135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10740", }, { cve: "CVE-2020-12641", ids: [ { system_name: "SUSE CVE Page", text: 
"https://www.suse.com/security/cve/CVE-2020-12641", }, ], notes: [ { category: "general", text: "rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12641", url: "https://www.suse.com/security/cve/CVE-2020-12641", }, { category: "external", summary: "SUSE Bug 1171148 for CVE-2020-12641", url: "https://bugzilla.suse.com/1171148", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2020-12641", url: "https://bugzilla.suse.com/1175135", }, { category: "external", summary: "SUSE Bug 1226069 for CVE-2020-12641", url: "https://bugzilla.suse.com/1226069", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2020-12641", }, { cve: 
"CVE-2020-16145", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16145", }, ], notes: [ { category: "general", text: "Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-16145", url: "https://www.suse.com/security/cve/CVE-2020-16145", }, { category: "external", summary: "SUSE Bug 1175135 for CVE-2020-16145", url: "https://bugzilla.suse.com/1175135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-16145", }, { cve: "CVE-2020-35730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-35730", }, ], notes: [ { category: "general", text: "An XSS issue was 
discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-35730", url: "https://www.suse.com/security/cve/CVE-2020-35730", }, { category: "external", summary: "SUSE Bug 1180399 for CVE-2020-35730", url: "https://bugzilla.suse.com/1180399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.aarch64", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.ppc64le", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.s390x", "openSUSE Tumbleweed:roundcubemail-1.4.11-1.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-35730", }, ], }
fkie_cve-2020-35730
Vulnerability from fkie_nvd
Published
2020-12-28 20:15
Modified
2025-02-28 18:06
Severity
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
References
Impacted products
Vendor | Product | Version
---|---|---
roundcube | webmail | < 1.2.13
roundcube | webmail | >= 1.3.0, < 1.3.16
roundcube | webmail | >= 1.4, < 1.4.10
fedoraproject | fedora | 32
fedoraproject | fedora | 33
debian | debian_linux | 9.0
{ cisaActionDue: "2023-07-13", cisaExploitAdd: "2023-06-22", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", matchCriteriaId: "A26F38AE-C3AB-4A9D-A097-F88FFF3351A1", versionEndExcluding: "1.2.13", vulnerable: true, }, { criteria: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", matchCriteriaId: "AE535CF3-A0B8-4305-86BE-A6F2CD446827", versionEndExcluding: "1.3.16", versionStartIncluding: "1.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", matchCriteriaId: "1B77F6D2-7493-4ED5-997E-5D3A168B56D7", versionEndExcluding: "1.4.10", versionStartIncluding: "1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", }, { lang: "es", value: "Se detectó un problema de XSS en Roundcube Webmail en versiones anteriores a la 1.2.13, 1.3.x en versiones anteriores a la 1.3.16 y 1.4.x en versiones anteriores a la 1.4.10. 
El atacante puede enviar un mensaje de correo electrónico de texto sin formato, con JavaScript en un elemento de referencia de enlace que es manejado inapropiadamente por linkref_addindex en rcube_string_replacer.php.", }, ], id: "CVE-2020-35730", lastModified: "2025-02-28T18:06:00.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-12-28T20:15:13.150", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mailing List", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: 
"https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://roundcube.net/download/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://www.alexbirnberg.com/roundcube-xss.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://roundcube.net/download/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://www.alexbirnberg.com/roundcube-xss.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
ghsa-mr5j-h8xf-5m2m
Vulnerability from github
Published
2022-05-24 17:37
Modified
2024-06-27 21:32
Severity ?
Details
linkref_addindex in rcube_string_replacer.php in Roundcube Webmail before 1.4.10 allows XSS via a crafted email message.
{ affected: [], aliases: [ "CVE-2020-35730", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2020-12-28T20:15:00Z", severity: "MODERATE", }, details: "linkref_addindex in rcube_string_replacer.php in Roundcube Webmail before 1.4.10 allows XSS via a crafted email message.", id: "GHSA-mr5j-h8xf-5m2m", modified: "2024-06-27T21:32:06Z", published: "2022-05-24T17:37:29Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-35730", }, { type: "WEB", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", }, { type: "WEB", url: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", }, { type: "WEB", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", }, { type: "WEB", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", }, { type: "WEB", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q", }, { type: "WEB", url: "https://roundcube.net/download", }, { type: "WEB", url: "https://www.alexbirnberg.com/roundcube-xss.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", type: "CVSS_V3", }, ], }
wid-sec-w-2023-1546
Vulnerability from csaf_certbund
Published
2020-12-27 23:00
Modified
2023-06-22 22:00
Summary
Roundcube: Vulnerability allows cross-site scripting
Notes
The BSI, as a provider, is responsible under general law for its own content made available for use. Users, however, are responsible for carefully checking the use and/or implementation of the information provided with the content in each individual case.
Product description
Roundcube is an open-source webmail system based on PHP.
Attack
A remote, anonymous attacker can exploit a vulnerability in Roundcube to carry out a cross-site scripting attack.
Affected operating systems
- UNIX
- Linux
- Windows
- Other
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Roundcube ist ein Open-Source Webmailsystem, basierend auf PHP.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Roundcube ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1546 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1546.json", }, { category: "self", summary: "WID-SEC-2023-1546 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1546", }, { category: "external", summary: "CISA Known Exploited Vulnerabilities Catalog vom 2023-06-22", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "external", summary: "Roundcube Security updates vom 2020-12-27", url: "https://roundcube.net/news/2020/12/27/security-updates-1.4.10-1.3.16-and-1.2.13", }, { category: "external", summary: "Debian Security Advisory DSA-4821 vom 2020-12-28", url: "https://www.debian.org/security/2020/dsa-4821", }, { category: "external", 
summary: "Arch Linux Security Advisory ASA-202101-2 vom 2021-01-04", url: "https://security.archlinux.org/ASA-202101-2/generate", }, ], source_lang: "en-US", title: "Roundcube: Schwachstelle ermöglicht Cross-Site Scripting", tracking: { current_release_date: "2023-06-22T22:00:00.000+00:00", generator: { date: "2024-08-15T17:52:59.351+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1546", initial_release_date: "2020-12-27T23:00:00.000+00:00", revision_history: [ { date: "2020-12-27T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-12-28T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-01-04T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Arch Linux und Fedora aufgenommen", }, { date: "2023-06-22T22:00:00.000+00:00", number: "4", summary: "Exploit-Hinweis aufgenommen", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, { branches: [ { category: "product_name", name: "Open Source Roundcube < 1.4.10", product: { name: "Open Source Roundcube < 1.4.10", product_id: "T017970", product_identification_helper: { cpe: "cpe:/a:roundcube:webmail:1.4.10", }, }, }, { category: "product_name", name: "Open Source Roundcube < 1.3.16", product: { name: "Open Source Roundcube < 1.3.16", product_id: "T017971", product_identification_helper: { cpe: "cpe:/a:roundcube:webmail:1.3.16", }, }, }, { category: "product_name", name: "Open Source Roundcube < 1.2.13", product: { name: "Open Source Roundcube 
< 1.2.13", product_id: "T017972", product_identification_helper: { cpe: "cpe:/a:roundcube:webmail:1.2.13", }, }, }, ], category: "product_name", name: "Roundcube", }, ], category: "vendor", name: "Open Source", }, ], }, vulnerabilities: [ { cve: "CVE-2020-35730", notes: [ { category: "description", text: "In Roundcube existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in Nachrichten nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "2951", "T013312", ], }, release_date: "2020-12-27T23:00:00.000+00:00", title: "CVE-2020-35730", }, ], }
gsd-2020-35730
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.
Aliases
{ GSD: { alias: "CVE-2020-35730", description: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", id: "GSD-2020-35730", references: [ "https://www.suse.com/security/cve/CVE-2020-35730.html", "https://www.debian.org/security/2020/dsa-4821", "https://advisories.mageia.org/CVE-2020-35730.html", "https://security.archlinux.org/CVE-2020-35730", "https://ubuntu.com/security/CVE-2020-35730", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-35730", ], details: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", id: "GSD-2020-35730", modified: "2023-12-13T01:22:01.172513Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35730", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://roundcube.net/download/", refsource: "MISC", url: "https://roundcube.net/download/", }, { name: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", refsource: "CONFIRM", url: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", }, { name: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", refsource: "CONFIRM", url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", }, { name: "https://www.alexbirnberg.com/roundcube-xss.html", refsource: "MISC", url: "https://www.alexbirnberg.com/roundcube-xss.html", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", refsource: "CONFIRM", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", refsource: "CONFIRM", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", refsource: "CONFIRM", url: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", }, { name: "FEDORA-2021-2cb0643316", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/", }, { name: "FEDORA-2021-73359af51c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.13", 
vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.3.16", versionStartIncluding: "1.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.4.10", versionStartIncluding: "1.4", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35730", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. 
The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", refsource: "CONFIRM", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978491", }, { name: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", refsource: "CONFIRM", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/roundcube/roundcubemail/compare/1.4.9...1.4.10", }, { name: "https://roundcube.net/download/", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://roundcube.net/download/", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", refsource: "CONFIRM", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.4.10", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", refsource: "CONFIRM", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.2.13", }, { name: "https://www.alexbirnberg.com/roundcube-xss.html", refsource: "MISC", tags: [ "Broken Link", ], url: "https://www.alexbirnberg.com/roundcube-xss.html", }, { name: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", refsource: "CONFIRM", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/roundcube/roundcubemail/releases/tag/1.3.16", }, { name: "FEDORA-2021-2cb0643316", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMLIZWKMTRCLU7KZLEQHELS4INXJ7X5Q/", }, { name: "FEDORA-2021-73359af51c", 
refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCEU4BM5WGIDJWP6Z4PCH62ZMH57QYM2/", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, }, }, lastModifiedDate: "2022-04-24T01:55Z", publishedDate: "2020-12-28T20:15Z", }, }, }