CVE-2024-57004

Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiting the SENT session. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt