Hot off the press! **CISA** adds CVE-2023-43770 (6.1 medium) Roundcube Webmail... - Random

simontsui, 3 months ago

Hot off the press! CISA adds CVE-2023-43770 (6.1 medium) Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog.
🔗 (to be replaced later) https://www.cisa.gov/known-exploited-vulnerabilities-catalog

#CISA #KEV #KnownExploitedVulnerabilitiesCatalog #vulnerability #eitw #Roundcube #XSS #activeexploitation #CVE_2023_43770

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ AAKL

Image

Image alternative text

simontsui, 3 months ago

Why you should care about CVE-2023-43770:
ESET Research previously reported on 25 October 2023 that the Winter Vivern APT was exploiting a similar RoundCube cross-site scripting vulnerability CVE-2023-5631 as a zero-day against European overnmental entities and a think tank.

#CISA #KEV #KnownExploitedVulnerabilitiesCatalog #vulnerability #eitw #Roundcube #XSS #activeexploitation #CVE_2023_43770 #WinterVivern #APT #cyberespionage

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ AAKL

Add comment