The vulnerability in the library program/lib/Roundcube/rcube_washtml.php of the RoundCube Webmail client allows a malicious user to execute arbitrary JavaScript code.

The vulnerability of the library program/lib/Roundcube/rcubewashtml.php of the RoundCube Webmail client exists because no measures have been taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code through a...

SUSE CVE-2020-12625

An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...