CISA: Roundcube email server bug now exploited in attacks – Source: www.bleepingcomputer.com

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent cross-site scripting (XSS) bug that lets attackers access restricted information via plain/text messages maliciously crafted links in low-complexity attacks requiring user interaction. […]

La entrada CISA: Roundcube email server bug now exploited in attacks – Source: www.bleepingcomputer.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.