漏洞描述
Roundcube Webmail存在跨站脚本漏洞。此漏洞是由于rcube_string_replacer.php对于接收到的消息缺乏校验导致的。
Roundcube Webmail rcube_string_replacer.php 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2020-11546: SuperWebmailer 7.21.0.01526 - Remote Code Execution
- POC CVE-2020-12641: Roundcube Webmail - Command Injection
- POC CVE-2023-37728: IceWarp Webmail Server v10.2.1 - Cross Site Scripting
- POC CVE-2025-49113: Roundcube Webmail - Remote Code Execution
- POC CVE-2025-49113: Roundcube Webmail - Remote Code Execution
- POC CVE-2024-42009: Roundcube Webmail - Cross-Site Scripting
- POC roundcube-log-disclosure: Roundcube Log Disclosure
- POC roundcube-webmail: Roundcube webmail
- Roundcube Webmail代码执行漏洞(CVE-2025-49113)
- Roundcube Webmail rcube_washtml.php CVE-2023-5631 存储型跨站脚本漏洞
- Roundcube Webmail rcube_washtml.php CVE-2023-5631 存储型跨站脚本漏洞
- Roundcube Webmail CVE-2021-44026 SQL注入漏洞
- Horde Groupware Webmail Edition PHP反序列化漏洞