CVE-2011-1492
Roundcube Webmail < 0.5.1 - Authenticated Server-Side Request Forgery via CSS Stylesheet Request
Title source: llmDescription
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets (CSS) stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain sensitive information, via a crafted request.
References (7)
Core 7
Core References
Mailing List mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/24/3
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44050
Patch mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2011/03/24/4
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/66613
Patch mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/04/50
Third Party Advisory x_refsource_confirm
http://trac.roundcube.net/wiki/Changelog
Patch x_refsource_confirm
http://trac.roundcube.net/changeset/4488
Scores
EPSS
0.0176
EPSS Percentile
75.4%
Details
CWE
CWE-20
Status
published
Products (11)
roundcube/webmail
0.1 (6 CPE variants)
roundcube/webmail
0.1.1
roundcube/webmail
0.2 (3 CPE variants)
roundcube/webmail
0.2.1
roundcube/webmail
0.3 (3 CPE variants)
roundcube/webmail
0.3.1
roundcube/webmail
0.4 (2 CPE variants)
roundcube/webmail
0.4.1
roundcube/webmail
0.4.2
roundcube/webmail
0.5 beta (2 CPE variants)
... and 1 more
Published
Apr 08, 2011
Tracked Since
Feb 18, 2026