{"id":"CVE-2012-4668","details":"Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.","modified":"2026-04-10T03:43:13.326552Z","published":"2012-08-25T10:29:53Z","references":[{"type":"FIX","url":"https://github.com/roundcube/roundcubemail/commit/c086978f6a91eacb339fd2976202fca9dad2ef32"},{"type":"WEB","url":"http://sourceforge.net/news/?group_id=139281&id=309011"},{"type":"WEB","url":"http://trac.roundcube.net/ticket/1488613"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2012/08/20/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2012/08/20/9"}],"schema_version":"1.7.5"}