0.001 Low
EPSS
Percentile
45.6%
roundcube is vulnerable to homograph attacks. The vulnerability exists due to the way the system mishandles Punycode xn-- domain names which allows an attacker to cause a homograph attack.
github.com/roundcube/roundcubemail/issues/6891
lists.fedoraproject.org/archives/list/[email protected]/message/TFFMSO5WKEYSGMTZPZFF4ZADUJ57PRN5/
security-tracker.debian.org/tracker/CVE-2019-15237