MGASA-2020-0206
- Source
- https://advisories.mageia.org/MGASA-2020-0206.html
- Import Source
- https://advisories.mageia.org/MGASA-2020-0206.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2020-0206
- Related
- Published
- 2020-05-08T10:57:54Z
- Modified
- 2020-05-08T10:23:55Z
- Summary
- Updated roundcubemail packages fix security vulnerabilities
- Details
-
Updated roundcubemail packages fix security vulnerabilities:
- Cross-Site Scripting (XSS) via malicious HTML content (CVE-2020-12625)
- CSRF attack can cause an authenticated user to be logged out (CEV-2020-12626)
- Remote code execution via crafted config options
- Path traversal vulnerability allowing local file inclusion via crafted 'plugins' option
- References
- Credits
-
-
- Mageia - COORDINATOR
-