Vulnerabilities > Roundcube > Webmail > 1.3.15

DATE CVE VULNERABILITY TITLE RISK
2020-05-04 CVE-2020-12626 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in Roundcube Webmail before 1.4.4.
network
low complexity
roundcube debian CWE-352
6.5
6.5
2020-05-04 CVE-2020-12625 Cross-site Scripting vulnerability in multiple products
An issue was discovered in Roundcube Webmail before 1.4.4.
network
low complexity
roundcube debian opensuse CWE-79
6.1
6.1