VYPR
Unrated severityOSV Advisory· Published Nov 12, 2018· Updated Aug 5, 2024

CVE-2018-19206

CVE-2018-19206

Description

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of , as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.