CVE-2021-26925

Published February 9th, 2021

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

1

PROJECT

Description

Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.

roundcube/roundcubemail

The Roundcube Webmail suite

GitHub

7K