{"id":166736,"date":"2024-08-07T21:10:17","date_gmt":"2024-08-07T21:10:17","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=166736"},"modified":"2024-08-07T21:10:19","modified_gmt":"2024-08-07T21:10:19","slug":"critical-xss-bug-in-roundcube-webmail","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/166736\/hacking\/critical-xss-bug-in-roundcube-webmail.html","title":{"rendered":"Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data"},"content":{"rendered":"
<\/div>\n
Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts.<\/h2>\n\n\n\n
Sonar\u2019s Vulnerability Research Team discovered a critical Cross-Site Scripting (XSS) vulnerability in the popular open-source webmail software Roundcube. Roundcube is included by default in the server hosting panel cPanel which has millions of installations<\/a> worldwide.<\/p>\n\n\n\n