Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-1484 Vulnerability (CVE-2013-1484)
WordPress Plugin Agent Storm by StormRETS Multiple Cross-Site Scripting Vulnerabilities (1.1.35)
Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512)
WordPress Plugin Britetechs Companion Malicious Code (2.2.7)
WordPress Plugin WP Mail Log Cross-Site Request Forgery (1.0.1)