Description
Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.
Remediation
References
Related Vulnerabilities
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-28032)
WordPress Plugin All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4)
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-12765)
WordPress Plugin Download Manager Multiple Cross-Site Scripting Vulnerabilities (3.2.48)