RoundCube 0-Click Vulnerability Enables Stored XSS Attack via MIME Type Attachment

Roundcube has released version 1.7 to patch six security vulnerabilities, including two critical stored cross-site scripting (XSS) flaws that require zero user interaction to exploit. The update addresses issues discovered by researchers at Samsung R&D Institute Ukraine (SRUKR), among others, and comes with a strong recommendation for immediate deployment across production environments. Roundcube 0-Click Vulnerability […]

The post RoundCube 0-Click Vulnerability Enables Stored XSS Attack via MIME Type Attachment appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: