Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.
Remediation
References
Related Vulnerabilities
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0)
WordPress Plugin Survey Maker-Best WordPress Survey Cross-Site Scripting (2.0.6)
Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698)
math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)