CVE-2025-68461

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting XSS vulnerability via the animate tag in an SVG document...

PT-2022-13923 · Hestiacp · Hestiacp

Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.5.12 Description: The issue allows an authenticated remote attacker with low privileges to execute arbitrary code under root context. This is due to a command injection vulnerability in the GitHub...