Roundcube Webmail <= 1.6.9 XSS Vulnerability - Windows

Roundcube Webmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2020-8034

Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting XSS vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim's webma...

DEBIAN-CVE-2019-12094

Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=updatef&username= or admin/user.php?form=removef&username= or admin/config/diff.php?app= URI...

CVE-2019-9763

An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS can occur via an 'object data="data:text/html' substring in an e-mail message The vendor subsequently patched this...

SquirrelMail < 1.4.4-RC1 webmail.php XSS

Binary data 2550.prm...

FreeBSD : 'Content-Type' XSS vulnerability affecting other webmail systems (25)

The following package needs to be updated: ilohamail %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc5519420cec211d88898000d6111a684.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

Emumail WebMail Multiple Remote Vulnerabilities (XSS, Disc)

According to its version number, the remote host is running a vulnerable version of EMUMAIL WebMail. There are several vulnerabilities in this version, ranging from information disclosure to cross-site scripting vulnerabilities. These issues may allow an attacker to trick a logged-in user into...