Roundcube Webmail Vulnerability Under Exploitation, Patch Now
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this issue is a persistent cross-site scripting (XSS) issue that allows attackers to obtain sensitive information through specially crafted links in plain text messages. The affected Roundcube versions include 1.4.14, 1.5.x […]
