Roundcube Webmail 1.6.x < 1.6.5 Cross-Site-Scripting

According to its self-reported version number, Roundcube Webmail is prior to 1.5.6 or 1.6.x prior to 1.6.5. Therefore, it may be affected by a Cross-Site Scripting XSS vulnerability via a Content-Type or Content-Disposition header. Note that the scanner has not tested for these issues but has...