Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
roundcube webmail 1.2 |