SMTP: Roundcube Rcube String Replacer Cross Site Scripting
This signature detects attempts to exploit a known cross-site scripting vulnerability against Roundcube Rcube String Replacer. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
Extended Description
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
Affected Products
Debian debian_linux
References
CVE: CVE-2020-35730
Short Name
SMTP:RCUBE-STRNG-XSS
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2020-35730 CVE-2023-43770 Cross Rcube Replacer Roundcube Scripting Site String
Release Date
03/24/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3793
False Positive
Unknown
Vendors
Debian
Roundcube