CVE-2026-26079 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
Medium CVSS: 4.7

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
Vendor
-
Product
-
CWE
CWE-829
Yayın Tarihi
2026-02-11 05:16:28
Güncelleme
2026-02-11 15:27:26
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-829 MEDIUM 2026

Referanslar

https://github.com/roundcube/roundcubemail/commit/1f4c3a5af5033747f9685a8a395dbd8228d19816 https://github.com/roundcube/roundcubemail/commit/2b5625f1d2ef7e050fd1ae481b2a52dc35466447 https://github.com/roundcube/roundcubemail/commit/53d75d5dfebef235a344d476b900c20c12d52b01 https://github.com/roundcube/roundcubemail/commit/5a3315cce587e0be58335d11ff9a5571c90494a5 https://github.com/roundcube/roundcubemail/commit/bf89cbaa5897d8ad62e8057d9a3f6babb90b7954 https://github.com/roundcube/roundcubemail/commit/c15f5dbf093a497e19a749b20e7f8fb5a9c24cde https://github.com/roundcube/roundcubemail/releases/tag/1.5.13 https://github.com/roundcube/roundcubemail/releases/tag/1.6.13 https://roundcube.net/news/2026/02/08/security-updates-1.6.13-and-1.5.13