First published: Thu Jun 24 2021(Updated: )
Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Roundcube Webmail | <=1.4.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-18671.
The title of the vulnerability is Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.
The severity of CVE-2020-18671 is medium with a severity value of 5.4.
The vulnerability affects Roundcube Mail version up to and inclusive of 1.4.4.
To fix this vulnerability, update Roundcube Mail to version 1.4.5 or 1.3.12.