An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke.
| Vendor | Product | Versions |
|---|---|---|
| roundcube | webmail | composer/roundcube/roundcubemail: >= 1.7-beta, < 1.7-rc5 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| open source | roundcube | cert_advisory | 90% |
Updated affected versions to include 1.5.14 and 1.6.14, changed severity to HIGH, and noted that no exploit is available.
Initial creation
