Search Results (101 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0413 1 Roundcube 1 Webmail 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.
CVE-2017-16651 2 Debian, Roundcube 2 Debian Linux, Webmail 2026-04-21 7.8 High
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.
CVE-2026-25916 1 Roundcube 1 Webmail 2026-04-18 4.3 Medium
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage.
CVE-2026-26079 1 Roundcube 1 Webmail 2026-04-17 4.7 Medium
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
CVE-2005-4368 1 Roundcube 1 Webmail 2026-04-16 N/A
roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which leaks the path in an error message.
CVE-2024-42010 1 Roundcube 1 Roundcube 2026-04-15 7.5 High
mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information.
CVE-2026-35537 1 Roundcube 1 Webmail 2026-04-14 3.7 Low
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsafe deserialization in the redis/memcache session handler may lead to arbitrary file write operations by unauthenticated attackers via crafted session data.
CVE-2026-35544 1 Roundcube 1 Webmail 2026-04-09 5.3 Medium
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.
CVE-2026-35538 1 Roundcube 1 Webmail 2026-04-08 3.1 Low
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search.
CVE-2026-35539 1 Roundcube 1 Webmail 2026-04-08 6.1 Medium
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. XSS exists because of insufficient HTML attachment sanitization in preview mode. A victim must preview a text/html attachment.
CVE-2026-35541 1 Roundcube 1 Webmail 2026-04-08 4.2 Medium
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password.
CVE-2026-35542 1 Roundcube 1 Webmail 2026-04-08 5.3 Medium
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass.
CVE-2026-35543 1 Roundcube 1 Webmail 2026-04-08 5.3 Medium
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content (with animate attributes) in an e-mail message. This may lead to information disclosure or access-control bypass.
CVE-2026-35540 1 Roundcube 1 Webmail 2026-04-07 5.4 Medium
An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts.
CVE-2026-35545 1 Roundcube 1 Webmail 2026-04-07 5.3 Medium
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke.
CVE-2025-68461 1 Roundcube 1 Webmail 2026-02-26 7.2 High
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
CVE-2025-49113 2 Debian, Roundcube 2 Debian Linux, Webmail 2026-02-23 9.9 Critical
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
CVE-2024-37385 2 Microsoft, Roundcube 3 Windows, Roundcube Webmail, Webmail 2026-02-06 9.8 Critical
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641.
CVE-2025-68460 1 Roundcube 1 Webmail 2026-01-02 7.2 High
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer.
CVE-2024-57004 1 Roundcube 1 Webmail 2025-12-22 6.1 Medium
Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session.