A critical Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-57004, has been discovered in Roundcube Webmail version 1.6.9. This flaw allows remote authenticated users to upload malicious files disguised as email attachments, posing significant risks to individuals and organizations using the popular open-source webmail client. The vulnerability stems from insufficient sanitization of user input during the […]
The post Roundcube XSS Vulnerability Let Attackers Inject Malicious Files appeared first on Cyber Security News.
This article has been indexed from Cyber Security News