Description
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject.
Remediation
References
Related Vulnerabilities
WordPress Plugin Asgaros Forum Security Bypass (1.5.7)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.20)
Oracle JRE CVE-2018-2797 Vulnerability (CVE-2018-2797)
WordPress Plugin WP Job Manager Cross-Site Scripting (1.26.1)
WordPress Plugin Rating-Widget:Star Review System Security Bypass (2.8.9)