Description
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.8.5 allows remote attackers to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.
Remediation
References
Related Vulnerabilities
WordPress Plugin Woocommerce CSV importer Unspecified Vulnerability (3.4.0)
Oracle Application Server CVE-2006-0290 Vulnerability (CVE-2006-0290)
WordPress Plugin Essential Grid Portfolio-Photo Gallery Security Bypass (1.1.2)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0734)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7837)