VYPR
Unrated severityCISA KEVNVD Advisory· Published Dec 28, 2020· Updated Oct 21, 2025

CVE-2020-35730

CVE-2020-35730

Description

An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.