Roundcube Webmail prior to 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
roundcube webmail |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |