Description
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject.
Remediation
References
Related Vulnerabilities
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)
Oracle JRE CVE-2012-1533 Vulnerability (CVE-2012-1533)
WordPress Plugin Testimonial Slider SQL Injection (1.2.4)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.3.3)