CVE-2012-6121

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions prior to 0.8.5 ALT Linux (affected versions not specified)

Description The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerability can be exploited via a data:text or vbscript link.

Recommendations For Roundcube Webmail versions prior to 0.8.5, update to version 0.8.5 or later to resolve the issue. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.