Summary
CISA has warned of active exploitation targeting two Roundcube Webmail vulnerabilities, including a critical remote code execution flaw (CVE-2025-49113) and a high-severity XSS bug (CVE-2025-68461).
Take Action:
If you are using Roundcube Webmail, this is important. Upddate to version 1.5.12 or 1.6.12 ASAP. Your webmail interface is under attack.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)