5 matches found
CVE-2017-6820
rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...
Cross site scripting
rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...
CVE-2017-6820
rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...
CVE-2017-6820
CVE-2017-6820 affects Roundcube’s webmail software via rcube_utils.php. The vulnerability is a cross-site scripting (XSS) flaw caused by a crafted CSS token sequence inside an SVG element, impacting Roundcube versions before 1.1.8 and 1.2.x before 1.2.4. Exploitation details indicate a remote att...
CVE-2017-6820
rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...