Vulnerabilities > Rainloop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-28 | CVE-2022-29360 | Cross-site Scripting vulnerability in Rainloop Webmail The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message. | 5.4 |
2020-03-20 | CVE-2019-13389 | Cross-site Scripting vulnerability in Rainloop Webmail RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header. | 6.1 |