Roundcube -- Cross-site scripting vulnerabilities

2024-05-1900:00:00

vuxml.freebsd.org

roundcube

xss

svg

handling

user preferences

vulnerabilities

unix

6.3 Medium

AI Score

Confidence

High

JSON

The Roundcube project reports:

cross-site scripting (XSS) vulnerability in handling SVG
animate attributes.
cross-site scripting (XSS) vulnerability in handling list
columns from user preferences.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchroundcube< 1.6.7,1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	roundcube	< 1.6.7,1	UNKNOWN

References

roundcube.net/news/2024/05/19/security-updates-1.6.7-and-1.5.7

6.3 Medium

AI Score

Confidence

High

JSON