Security Advisory

CVE-2018-19206

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-11-12 17:00:00

Last updated 2024-08-05 11:30:04

Assigner mitre

State PUBLISHED

Description

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

← Browse all CVEs View on cve.org ↗