Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy WP SMTP Cross-Site Scripting (1.2.4)
WordPress Plugin Content text slider on post Cross-Site Scripting (6.8)
WordPress Plugin Neuvoo Jobs Cross-Site Scripting (2.0)
WordPress Plugin Js-appointment 'searchdata.php' SQL Injection (1.5)
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)