SSD Advisory – Roundcube Incoming Emails Stored XSS

TL;DR

Find out how we exploited the Roundcube webmail application and crafted an email containing malicious HTML that executes arbitrary JavaScript code in the context of the vulnerable user’s inbox.

Vulnerability Summary

Roundcube webmail is a browser-based multilingual IMAP client with an application-like user interface. An input sanitization vulnerability in Roundcube can be exploited to perform a …
