mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.2 KiB
1.2 KiB
CVE-2023-5631
&color=brighgreen)
Description
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attackerto load arbitrary JavaScript code.
POC
Reference
No PoCs from references.
Github
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/dan-mba/python-selenium-news
- https://github.com/greandfather/EXPLOIT-Roundcube-vulnerability-POC-CVE-2023-5631-
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/onhexgroup/Malware-Sample
- https://github.com/soreta2/CVE-2023-5631-POC
- https://github.com/tanjiti/sec_profile
- https://github.com/whitfieldsdad/cisa_kev