Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

2024-08-07 10:08

Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European government agencies, hosting providers and academic institutions around the world. CVE-2024-42009 and CVE-2024-42008 are both XSS bugs. The former allows a remote attacker to steal and send emails of a victim via a crafted e-mail … More →

The post Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article:

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

← [UPDATE] [mittel] X.Org X11: Mehrere Schwachstellen

AppSOC launches new AI security capabilities for enhanced governance and protection →


10.4K	8K	100+	500+

Read the original article:

Related

Post navigation