5 matches found
CVE-2026-45066
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, HtmlSanitizer URL sanitization can allow off-allowlist URLs through allowLinkHosts or allowMediaHosts because UrlSanitizer::parse follows RFC 3986...
SUSE CVE-2016-4552
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message...
UBUNTU-CVE-2016-4552
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message...
DEBIAN-CVE-2016-4552
Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message...
roundcube -- XSS vulnerability
Roundcube reports: Fix XSS issue in href attribute on area tag 5240...