heise online

Roundcube Webmail: Attackers can hijack emails through critical gap

Attackers can exploit several vulnerabilities in Roundcube Webmail and, in the worst case, view emails from victims or even send them in their name. One vulnerability is classified as"critical".
heise online

Roundcube Webmail: Attacks with forged attachments

IT security researchers have observed attacks on a stored cross-site scripting vulnerability in Roundcube Webmail. An update is available. Attackers are attempting to abuse a security vulnerability in ...