rcube_utils.php in Roundcube prior to 1.1.8 and 1.2.x prior to 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
roundcube webmail |
||
roundcube webmail 1.2.3 |
||
roundcube webmail 1.2.2 |
||
roundcube webmail 1.2.1 |
||
roundcube webmail 1.2.0 |