Roundcube

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

October 22, 2024

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies …

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

August 7, 2024

Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email …

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

February 13, 2024

CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding …

Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)

October 25, 2023

The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental …

Roundcube

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)

Featured news

Sponsored

Don't miss