Description Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php. Remediation References CVE-2020-18670 Related Vulnerabilities WordPress Plugin Blue Admin Cross-Site Request Forgery (21.06.01) WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7) LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18358) Joomla! Core 3.x.x Directory Traversal (3.2.0 - 3.4.5) Magento CVE-2020-3718 Vulnerability (CVE-2020-3718) Severity Medium Classification CVE-2020-18670 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities