An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-04T01:57:31
Updated: 2024-08-04T12:04:22.316Z
Reserved: 2020-05-04T00:00:00
Link: CVE-2020-12625
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-05-04T02:15:11.520
Modified: 2022-09-02T15:42:45.577
Link: CVE-2020-12625
Redhat
No data.