Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2018-16736

Published: 09/09/2018 Updated: 06/11/2018
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 355
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Rcfilters

Vulnerability Summary

In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rcfilters project rcfilters 2.1.6

Exploits

Exploit DB: Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting
# Exploit Title: Roundcube rcfilters plugin 216 - Cross-Site Scripting # Date: 2018-09-09 # Exploit Author: Fahimeh Rezaei # Vendor Homepage: pluginsroundcubenet/packages/eagle00789/rcfilters # Software Link: pluginsroundcubenet/packages/eagle00789/rcfilters # Version: rcfilters plugin v216 # Tested on: Roundcube version 10 ...
Exploit DB: Roundcube rcfilters 2.1.6 Cross Site Scripting
Roundcube rcfilters plugin version 216 suffers from a cross site scripting vulnerability ...

References

CWE-79https://github.com/roundcube/roundcubemail/issues/6437https://github.com/eagle00789/RC_Filters/issues/19https://www.exploit-db.com/exploits/45437/https://nvd.nist.govhttps://www.exploit-db.com/exploits/45437/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook