[BlueOnyx:27303] Roundcube question
Darren Shea
darrens at ecpi.com
Wed Oct 30 10:23:42 -05 2024
CISA just announced there is a Roundcube exploit which can be exploited:
"Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG
animate attributes."
https://www.cve.org/CVERecord?id=CVE-2024-37383
Our ancient BO 5208R system is running Roundcube 1.02 from the BO store
(Solarspeed) - is there a safe way to update that to a newer version without
breaking the webmail capabilities?
Thanks,
Darren
More information about the Blueonyx
mailing list