Description
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.8.1)
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
WordPress Plugin Plotly Cross-Site Scripting (1.0.2)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6532)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2018-14883)