Back to directory
WRITEUP #113

Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail

XSSSecurity code review
byOskar Zeino-Mahmalat
Program
Roundcube
Published
Aug 5, 2024
Added to HackDex
Sep 18, 2024
Read Full Writeuphttps://www.sonarsource.com/blog/government-emails-at-risk-critical-cross-site-scripting-vulnerability-in-roundcube-webmail/
RELATED WRITEUPS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire
XSSClient-side Path Traversal
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization

Built with ❤️ by Shubham Rawat