CVE ID: CVE-2020-13965
Vendor/Project: Roundcube
Product: Webmail
Vulnerability Name: Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability
Date Added: 2024-06-26
Short Description: Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2024-07-17
Known Ransomware Use: Unknown
Notes: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
CVE ID: CVE-2020-13965 Vendor/Project: Roundcube Product: Webmail Vulnerability Name: Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability Date Added: 2024-06-26 Short Description: Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment. Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due Date: 2024-07-17 Known Ransomware Use: Unknown Notes: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12