Vulnerabilities > Rcfilters Project

DATE CVE VULNERABILITY TITLE RISK
2018-09-09 CVE-2018-16736 Cross-site Scripting vulnerability in Rcfilters Project Rcfilters 2.1.6
In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings).
3.5