Roundcube Webmail SVG Content Remote Image Blocking Bypass Vulnerability

Vulnerability

A vulnerability exists in Roundcube Webmail versions prior to 1.5.15 and 1.6.15 that allows the remote image blocking feature to be bypassed using SVG content in email messages. This could lead to information disclosure or an access-control bypass. The issue involves the 'animate' element when its 'attributeName' is 'fill', 'filter', or 'stroke'.

Impact

Exploitation of this vulnerability could result in unauthorized remote image loading, potentially leading to information disclosure or an access-control bypass.

Reproduction

To reproduce this vulnerability, send an email containing SVG content with an 'animate' element that includes 'attributeName' values of 'fill', 'filter', or 'stroke'. When the email is received, the SVG animation will bypass the remote image blocking feature, allowing the external image to be loaded despite the user's settings.
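
A mail-side check for the pattern described above, as an added example that is not Roundcube code and not part of the original advisory: it walks a message's HTML and SVG parts and reports every 'animate' element inside an SVG whose 'attributeName' is one of the three listed values. The function names and sample messages are constructed for illustration, and the check matches on element and attribute names only, so it also reports harmless animations.

```python
import email
from email.message import EmailMessage
from html.parser import HTMLParser
# attributeName values the advisory lists for the 'animate' element.
FLAGGED = {"fill", "filter", "stroke"}

class AnimateFinder(HTMLParser):
    """Records flagged attributeName values on <animate> elements inside <svg>."""
    def __init__(self):
        super().__init__()
        self.svg_depth, self.hits = 0, []
    def handle_starttag(self, tag, attrs):
        if tag == "svg":
            self.svg_depth += 1
        elif tag == "animate" and self.svg_depth:
            # HTMLParser lower-cases attribute names; the value is lower-cased
            # here as well, so the check over-reports rather than misses.
            name = (dict(attrs).get("attributename") or "").strip().lower()
            if name in FLAGGED:
                self.hits.append(name)
    def handle_endtag(self, tag):
        if tag == "svg" and self.svg_depth:
            self.svg_depth -= 1

def scan_message(raw):
    """Return (content_type, attributeName) for each flagged animate element."""
    findings = []
    for part in email.message_from_bytes(raw).walk():
        ctype = part.get_content_type()
        if ctype not in ("text/html", "image/svg+xml"):
            continue
        body = part.get_payload(decode=True) or b""
        # Tag and attribute names are ASCII, so latin-1 is enough for matching.
        finder = AnimateFinder()
        finder.feed(body.decode("latin-1"))
        finder.close()
        findings += [(ctype, name) for name in finder.hits]
    return findings

def build_sample(svg):  # constructed message with the SVG inline in its HTML part
    msg = EmailMessage()
    msg.set_content("plain-text part")
    msg.add_alternative(f"<html><body>{svg}</body></html>", subtype="html")
    return msg.as_bytes()

# Constructed samples: the first matches the advisory's pattern, the second does not.
FLAGGED_SVG = '<svg><rect><animate attributeName="stroke" values="red;blue" dur="1s"/></rect></svg>'
BENIGN_SVG = '<svg><rect><animate attributeName="opacity" values="0;1" dur="1s"/></rect></svg>'
```

A non-empty result from `scan_message` marks a message for review on installations that are still below the fixed versions.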

Remediation

Users can update to Roundcube Webmail versions 1.5.15, 1.6.15, or 1.7-rc6, all of which include the necessary fix. Instructions for updating are available on the Roundcube website.

Added: Apr 3, 2026, 5:23 AM
Updated: Apr 3, 2026, 5:23 AM

Vulnerability Rating

Custom Algorithm

spread: 7.6
impact: 0.4
exploitability: 7.6
remediation: 7.7
relevance: 5.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.