CVE-2011-2937

Priority
Description
Cross-site scripting (XSS) vulnerability in the UI messages functionality
in Roundcube Webmail before 0.5.4 allows remote attackers to inject
arbitrary web script or HTML via the _mbox parameter to the default URI.
Notes
Package
Upstream:released (0.5.4)
More Information

Updated: 2019-12-05 20:57:34 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)