roundcube News Articles
Recent news articles refferecing the vendors vulnerabilities.
GBHackers NewsCVE-2024-57004Roundcube XSS Flaw Allows Attackers to Inject Malicious Files
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in the popular open-source webmail client, Roundcube, potentially exposing users to serious security risks.
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) - Help Net Security
Roundcube XSS vulnerabilities (CVE-2024-42009, CVE-2024-42008) could be exploited to steal users' emails and contacts, and send emails.
MalwarebytesCVE-2023-43770Patch now! Roundcube mail servers are being actively exploited | Malwarebytes
A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.
Help Net SecurityCVE-2023-43770Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) - Help Net Security
CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers.
Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now
CISA has identified a medium-severity security flaw affecting Roundcube email software, categorized as CVE-2023-43770.
CISA: Roundcube email server bug now exploited in attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.