Nullcathedral1

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions prior to 1.5.14 and prior to 1.6.14 Description A flaw exists in Roundcube Webmail that stems from inadequate sanitization of Cascading Style Sheets (CSS) within HTML email messages. This can allow for a bypass of existing mitigations through the use of the '!important' declaration in CSS. Recommendations Update Roundcube Webmail to version 1.5.14 or later. Update Roundcube Webmail to version 1.6.14 or later.