This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
RoundCube development Team reports :
We just published a new release which fixes a recently reported XSS
vulnerability as an update to the stable 0.5 branch. Please update
your installations with this new version or patch them with the fix
which is also published in the downloads section or our
During one of pen-tests I found that _mbox parameter is not properly
sanitized and reflected XSS attack is possible.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.3