What is the severity of CVE-2012-1253?

CVE-2012-1253 is considered a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2012-1253?

To fix CVE-2012-1253, upgrade Roundcube Webmail to version 0.7 or later.

What software versions are affected by CVE-2012-1253?

CVE-2012-1253 affects Roundcube Webmail versions prior to 0.7, including versions 0.6 and earlier.

What type of vulnerability is CVE-2012-1253?

CVE-2012-1253 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.

In which browsers is CVE-2012-1253 exploitable?

CVE-2012-1253 is specifically exploitable when using Internet Explorer.

Vulnerability/
CVE-2012-1253

low

2.6

CWE

4/6/2012

16/9/2024

CVE-2012-1253: XSS

First published: Mon Jun 04 2012(Updated: )

Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
barnraiser AROUNDMe	<=0.6
barnraiser AROUNDMe	=0.1
barnraiser AROUNDMe	=0.1-alpha
barnraiser AROUNDMe	=0.1-beta
barnraiser AROUNDMe	=0.1-beta2
barnraiser AROUNDMe	=0.1-rc1
barnraiser AROUNDMe	=0.1-rc2
barnraiser AROUNDMe	=0.1.1
barnraiser AROUNDMe	=0.2
barnraiser AROUNDMe	=0.2-alpha
barnraiser AROUNDMe	=0.2-beta
barnraiser AROUNDMe	=0.2.1
barnraiser AROUNDMe	=0.2.2
barnraiser AROUNDMe	=0.3
barnraiser AROUNDMe	=0.3-beta
barnraiser AROUNDMe	=0.3-rc1
barnraiser AROUNDMe	=0.3.1
barnraiser AROUNDMe	=0.4
barnraiser AROUNDMe	=0.4-beta
barnraiser AROUNDMe	=0.4.1
barnraiser AROUNDMe	=0.4.2
barnraiser AROUNDMe	=0.5
barnraiser AROUNDMe	=0.5-beta
barnraiser AROUNDMe	=0.5-rc
barnraiser AROUNDMe	=0.5.1
barnraiser AROUNDMe	=0.5.2
barnraiser AROUNDMe	=0.5.3
barnraiser AROUNDMe	=0.5.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-1253?
CVE-2012-1253 is considered a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2012-1253?
To fix CVE-2012-1253, upgrade Roundcube Webmail to version 0.7 or later.
What software versions are affected by CVE-2012-1253?
CVE-2012-1253 affects Roundcube Webmail versions prior to 0.7, including versions 0.6 and earlier.
What type of vulnerability is CVE-2012-1253?
CVE-2012-1253 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.
In which browsers is CVE-2012-1253 exploitable?
CVE-2012-1253 is specifically exploitable when using Internet Explorer.

agent/severity
agent/references
agent/author
agent/type
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/roundcube
canonical/barnraiser aroundme
version/barnraiser aroundme/0.6
version/barnraiser aroundme/0.1
version/barnraiser aroundme/0.1-alpha
version/barnraiser aroundme/0.1-beta
version/barnraiser aroundme/0.1-beta2
version/barnraiser aroundme/0.1-rc1
version/barnraiser aroundme/0.1-rc2
version/barnraiser aroundme/0.1.1
version/barnraiser aroundme/0.2
version/barnraiser aroundme/0.2-alpha
version/barnraiser aroundme/0.2-beta
version/barnraiser aroundme/0.2.1
version/barnraiser aroundme/0.2.2
version/barnraiser aroundme/0.3
version/barnraiser aroundme/0.3-beta
version/barnraiser aroundme/0.3-rc1
version/barnraiser aroundme/0.3.1
version/barnraiser aroundme/0.4
version/barnraiser aroundme/0.4-beta
version/barnraiser aroundme/0.4.1
version/barnraiser aroundme/0.4.2
version/barnraiser aroundme/0.5
version/barnraiser aroundme/0.5-beta
version/barnraiser aroundme/0.5-rc
version/barnraiser aroundme/0.5.1
version/barnraiser aroundme/0.5.2
version/barnraiser aroundme/0.5.3
version/barnraiser aroundme/0.5.4