Plesk for Linux
kb: technical
Impact
CVE-2024-42008, CVE-2024-42009, CVE-2024-42010 vulnerabilities were discovered in Roundcube.
Situation
Roundcube before 1.5.8/1.6.8 versions has these vulnerabilities:
- XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
- XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
- Information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]
Call to action
The vulnerabilities are fixed in Plesk Obsidian 18.0.63 #1.
Update Plesk to the latest version.
Comments
0 comments
Please sign in to leave a comment.