GitHub

CVE-2024-42009 - Roundcube - Reflected XSS

Roundcube versions up to 1.5.7 and 1.6.x up to 1.6.7 contain a reflected cross-site scripting caused by desanitization in message_body() in show.php, letting remote attackers steal and send victim ...
GitHub

Pentest - DG25-18: Reflected Cross-Site Scripting (XSS) leading to full account takeover

This issue is for vulnerability found by our security team during cyclical penetration testing of our solution. Once the entire process is completed, a detailed report will be published, providing all ...