Unrated severityCISA KEVOSV Advisory· Published Dec 18, 2025· Updated Feb 26, 2026
CVE-2025-68461
CVE-2025-68461
Description
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
31.1-beta, 1.1-rc, 1.1.0, …+ 1 more
- (no CPE)range: 1.1-beta, 1.1-rc, 1.1.0, …
- (no CPE)range: <=1.5.11, <=1.6.11
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.