CVE-2023-5631: XSS vulnerability in Roundcube webmail

CVE-2023-5631: XSS vulnerability in Roundcube webmail

Open Source Security 

Posted by Valtteri Vuorikoski on Oct 31

Not associated with the project or ESET, but didn’t see anything here about
this yet.

Roundcube is an open-source webmail client. Versions up to 1.6.4 are
vulnerable (including the 1.4.x and 1.5.x series) to an XSS exploit
caused by an issue in the sanitization of SVG image elements in HTML
emails. ESET describes CVE-2023-5631 as follows in their press release
at
<…
 Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert