CVE-2012-3507
Publication date 25 August 2012
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject.
Status
Package | Ubuntu Release | Status |
---|---|---|
roundcube | 12.04 LTS precise |
Not affected
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy |
Not affected
|