Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment.
Remediation
References
Related Vulnerabilities
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2042)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)
Django Missing Authorization Vulnerability (CVE-2026-4292)
MySQL CVE-2012-3144 Vulnerability (CVE-2012-3144)
WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)