[MEDIUM] Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages

PKSA-vsf6-6r3q-jc1x CVE-2026-35540 GHSA-vxg2-hhgr-37fx

Affected package: roundcube/roundcubemail

Affected version: >=1.7-beta,<1.7-rc5

Reported by:
GitHub