RainLoop Team

1 exploit Active since Mar 2020
CVE-2019-13389 WRITEUP MEDIUM WRITEUP
RainLoop Webmail < 1.13.0 - Cross-Site Scripting via Missing XSS Protection Mechanisms
RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header.
CVSS 6.1