CVE-2020-15562 - OpenCVE

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Roundcube	Webmail

Configuration 1 [-]

OR	cpe:2.3:a:roundcube:webmail::::::::
	cpe:2.3:a:roundcube:webmail::::::::
	cpe:2.3:a:roundcube:webmail::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html
https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82
https://github.com/roundcube/roundcubemail/releases/tag/1.2.11
https://github.com/roundcube/roundcubemail/releases/tag/1.3.14
https://github.com/roundcube/roundcubemail/releases/tag/1.4.7
https://www.debian.org/security/2020/dsa-4720

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-06T11:26:09

Updated: 2024-08-04T13:22:29.362Z

Reserved: 2020-07-06T00:00:00

Link: CVE-2020-15562

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-07-06T12:15:10.720

Modified: 2023-01-20T20:26:56.197

Link: CVE-2020-15562

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-24T17:07:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"}, {"name": "DSA-4720", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4720"}, {"name": "openSUSE-SU-2020:1516", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15562", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7", "refsource": "MISC", "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"}, {"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14", "refsource": "MISC", "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"}, {"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11", "refsource": "MISC", "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"}, {"name": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82", "refsource": "MISC", "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"}, {"name": "DSA-4720", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4720"}, {"name": "openSUSE-SU-2020:1516", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:29.362Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"}, {"name": "DSA-4720", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2020/dsa-4720"}, {"name": "openSUSE-SU-2020:1516", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15562", "datePublished": "2020-07-06T11:26:09", "dateReserved": "2020-07-06T00:00:00", "dateUpdated": "2024-08-04T13:22:29.362Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", "matchCriteriaId": "59E2619C-F903-46BF-BD0F-15BF3962FCD5", "versionEndExcluding": "1.2.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B61D09F-12E7-441A-A6E5-0F14D0782A81", "versionEndExcluding": "1.3.14", "versionStartIncluding": "1.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*", "matchCriteriaId": "15A19F05-5C84-4252-B9E4-E12A9EB2AD8F", "versionEndExcluding": "1.4.7", "versionStartIncluding": "1.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Roundcube Webmail versiones anteriores a 1.2.11, versiones 1.3.x anteriores a 1.3.14 y versiones 1.4.x anteriores a 1.4.7. Permite un ataque de tipo XSS por medio de un mensaje de correo electr\u00f3nico HTML dise\u00f1ado, como es demostrado por una carga \u00fatil de JavaScript en el atributo xmlns (tambi\u00e9n se conoce como espacio de nombres XML) de un elemento HEAD cuando se presenta un elemento SVG"}], "id": "CVE-2020-15562", "lastModified": "2023-01-20T20:26:56.197", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-06T12:15:10.720", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.11"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.14"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.4.7"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4720"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}