NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-42010

Summary	mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information.
Publication Date	Aug. 6, 2024, 4:15 a.m.
Registration Date	Aug. 6, 2024, noon
Last Update	Aug. 7, 2024, 1:30 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/roundcube/roundcubemail/releases
2	https://sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
3	https://github.com/roundcube/roundcubemail/releases/tag/1.5.8
4	https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
5	https://roundcube.net/news/2024/08/04/security-updates-1.6.8-and-1.5.8

Common Vulnerabilities List