In a previous article, I covered the steps on how to setup and configure the Mail service in OS X Server. While this included the steps to get up and running with email services, it did not address ...

Roundcube Webmail before 1.4.4 contains a command injection caused by shell metacharacters in configuration settings for im_convert_path or im_identify_path, letting attackers execute arbitrary code, ...

Jesus Vigo reviews the steps necessary to add a front-end webmail application using Roundcube that's hosted on OS X Server. In a previous article, I covered the steps on how to setup and configure the ...

You are probably familiar with the various free web based email solutions that are available today. Services like Yahoo Mail, Outlook.com and Gmail are used by millions of people all over the world.

Roundcube versions up to 1.5.7 and 1.6.x up to 1.6.7 contain a reflected cross-site scripting caused by desanitization in message_body() in show.php, letting remote attackers steal and send victim ...

An XSS vulnerability in Roundcube Webmail has been targeted for code execution against a governmental organization in a CIS country. A threat actor was caught attempting to exploit a recent ...

Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been ...

Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal ...