Security Advisory
CVE-2009-0413
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.