CISA: Roundcube email server bug now exploited in attacks \ stacker news ~security

CISA: Roundcube email server bug now exploited in attacks www.bleepingcomputer.com/news/security/cisa-roundcube-email-server-bug-now-exploited-in-attacks/

296 sats \ 0 comments \ @ch0k1 14 Feb security

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.

The security flaw (CVE-2023-43770) is a persistent cross-site scripting (XSS) bug that lets attackers access restricted information via plain/text messages maliciously crafted links in low-complexity attacks requiring user interaction.

view all related items