Description
rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
Remediation
References
Related Vulnerabilities
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965)
WordPress Plugin WP Real Estate Unspecified Vulnerability (2.0)
MySQL CVE-2017-3645 Vulnerability (CVE-2017-3645)
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1886)