CVE-2024-37383CISA KEV: Actively Exploited

RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability

Published Oct 24, 2024·Updated Oct 24, 2024

Description

RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.

Public Exploits & PoCs3 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free