CVE-2020-16145

Published: 2020-08-12T13:15Z

Last Modified: 2024-11-21T05:06Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt