CVE-2023-43770

Name of the Vulnerable Software and Affected Versions Roundcube versions prior to 1.4.14, 1.5.x prior to 1.5.4, and 1.6.x prior to 1.6.3

Description Roundcube Webmail contains a cross-site scripting (XSS) issue due to insufficient sanitization of characters in link references within text messages. This allows a remote attacker to potentially execute malicious JavaScript code within the context of a user's browser. The vulnerability exists in the program/lib/Roundcube/rcube string replacer.php component. The vulnerability is actively exploited in the wild by threat actors, including the Winter Vivern (APT28/TA473/UAC-0114) group. Approximately 39,000 instances were reported as vulnerable as of February 20, 2024. The vulnerability allows attackers to gain access to restricted information. The API endpoints are not explicitly mentioned in the provided descriptions. The vulnerable parameter is not explicitly mentioned in the provided descriptions.

Recommendations Update Roundcube to a version prior to 1.4.14, 1.5.x prior to 1.5.4, and 1.6.x prior to 1.6.3.