9 matches found
BIT-ROUNDCUBE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
USN-5182-1 roundcube vulnerabilities
It was discovered that Roundcube Webmail allowed JavaScript code to be present in the CDATA of an HTML message. A remote attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM...
CVE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
DEBIAN-CVE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
Cross site scripting
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
UBUNTU-CVE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
CVE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
CVE-2020-13964
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmailoutputhtml.php allows XSS via the username template object...
PT-2020-3641 · Roundcube +3 · Roundcube Webmail +3
Name of the Vulnerable Software and Affected Versions: Roundcube Webmail versions prior to 1.3.12 Roundcube Webmail versions 1.4.x prior to 1.4.5 Description: The issue is related to insufficient protection measures for web page structures in Roundcube Webmail, allowing a remote attacker to impac...