In unserem Labor schreiben wir regelmäßig in Form von Blogbeiträgen über identifizierte Sicherheitslücken, welche nach dem Responsible Disclosure Verfahren veröffentlicht werden.
01.01.2024 - Rene Rehme
Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposition header (used for attachment preview or download).
⚑ 2024 - The vulnerability has been identified.
→ 16. Okt. 2023 - The vulnerability was reported to RoundCube via E-Mail.
→ 17. Okt. 2023 - The security vulnerability has been confirmed.
→ 04. Nov. 2023 - A fix is in the works, a new version is planned for the upcoming weekend.
→ 05. Nov. 2023 - Security updates 1.6.5 and 1.5.6 released
→ 11. Jun. 2024 - Blog article published.
We are not disclosing detailed information about the vulnerability at this time to prevent active exploitation. It should be noted that certain prerequisites must be met for the vulnerability to be exploited.
In a proof of concept, we have written an exploit that shows which threats (regardless of the CVSS base score) this vulnerability harbours.
CWE-20 Improper Input Validation