PT-2025-52760 · Undefined · Undefined
Published
2025-12-23
·
Updated
2025-12-23
·
CVE-2025-68673
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Hackers Exploit List-Unsubscribe Header for XSS and SSRF Attacks
The
List-Unsubscribe SMTP header can be exploited for XSS and SSRF attacks if not properly validated. Examples include Horde Webmail (CVE-2025-68673) allowing JavaScript URIs and Nextcloud Mail risking SSRF. Proper validation, sanitization, and logging are essential for security.Read more: https://t.co/XtTIPLe6sw
Discover the app: https://t.co/64Pz1q6KZ5
#CyberSecurity #ApplicationSecurity #WebSecurity #OWASP #VulnerabilityManagement #XSS #SSRF #EmailSecurity #CloudSecurity #CyberAttack #Secwiser
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined