FlagThis

References :

• ciso2ciso.com: Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials – Source:thehackernews.com
• thehackernews.com: This article details how hackers are exploiting a vulnerability in Roundcube to steal user credentials.
• securityaffairs.com: This newsletter discusses the XSS vulnerability in Roundcube webmail.
• social.skynetcloud.site: Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials – Source:thehackernews.com
• securityaffairs.com: Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign
• malware.news: Attackers targeted a government organization in a country part of the Commonwealth of Independent States with an email containing a concealed attached document and distinct tags within its body that facilitate arbitrary JavaScript execution.
• www.scworld.com: SC World reported on the Roundcube webmail exploitation.
• global.ptsecurity.com: Fake Attachment: Roundcube Mail Server Attacks Exploit CVE-2024-37383 Vulnerability
• malware.news: Roundcube Vulnerability (CVE-2024-37383) Exploited in Phishing Attacks Targeting Government Agencies for Credential Theft
• socradar.io: Roundcube Vulnerability (CVE-2024-37383) Exploited in Phishing Attacks Targeting Government Agencies for Credential Theft
• github.com: Roundcube Webmail Releases
• socradar.io: Researchers from Positive Technologies have confirmed that the emails tricked recipients into revealing sensitive credentials by injecting fake login forms into Roundcube’s interface.
• securityonline.info: CISA has issued an urgent warning about this actively exploited vulnerability, highlighting its significance and urging organizations to prioritize patching their systems.

Classification:

• HashTags:
• Company: Roundcube
• Target: users' email accounts
• Product: webmail software
• Feature: JavaScript injection
• Type: Vulnerability
• Severity: Medium