Roundcube 0-Click Vulnerability Enables Stored XSS Attack via MIME Type Attachment
Roundcube has released version 1.7 to patch six security vulnerabilities, including two critical stored cross-site scripting (XSS) flaws that require zero user interaction to exploit. The update addresses issues discovered by researchers at Samsung R&D Institute Ukraine (SRUKR), among others, and...