mod_css_styles in Roundcube through 1.5.7 and 1.6.x...
High severity
Unreviewed
Published
Aug 5, 2024
to the GitHub Advisory Database
•
Updated Aug 6, 2024
Description
Published by the National Vulnerability Database
Aug 5, 2024
Published to the GitHub Advisory Database
Aug 5, 2024
Last updated
Aug 6, 2024
mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information.
References