Описание
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-5631. Reason: This candidate is a duplicate of CVE-2023-5631. Notes: All CVE users should reference CVE-2023-5631 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-5631. Reason: This candidate is a duplicate of CVE-2023-5631. Notes: All CVE users should reference CVE-2023-5631 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows XSS via a text/html e-mail message containing an SVG image with a USE element. This is related to wash_uri in rcube_washtml.php.