Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
thehackernews.com Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Discover critical vulnerabilities in Roundcube webmail software that could allow hackers to steal sensitive data. Learn about the latest security patc
If you're self hosting roundcube be sure to update.
4
comments
I'm not surprised. A cube can't be round. That's an obvious design flaw.
It's only if you view a specifically crafted email in the web client... still worth upgrading of course.
Only? "Viewing emails in a web browser" is the entire point of roundcube. It's trivial to send out millions of "specially created emails" looking for a victim.
True, but it presumably would still require the user to open them.
But, I was mostly worried that just having the server installed would be enough.