Rainloop: >> Webmail >> 1.10.1.121 Security Vulnerabilities
The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message.
CVSS Score
5.4
EPSS Score
0.007
Published
2022-07-28
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-03-20