{"id":50675,"date":"2023-10-27T18:45:18","date_gmt":"2023-10-27T15:45:18","guid":{"rendered":"https:\/\/news.cpanel.com\/?p=62369"},"modified":"2023-10-27T18:45:18","modified_gmt":"2023-10-27T15:45:18","slug":"roundcube-stored-xss-cve-2023-5631-cve-2023-43770","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/roundcube-stored-xss-cve-2023-5631-cve-2023-43770\/","title":{"rendered":"Roundcube Stored XSS (CVE-2023-5631, CVE-2023-43770)"},"content":{"rendered":"<p><strong>Summary<\/strong><br \/>Stored XSS vulnerabilities affect Roundcube versions 1.6.3 and older (CVE-2023-5631, CVE-2023-43770). Roundcube is a webmail service offered within cPanel &amp; WHM.<\/p>\n<p><strong>Security Rating<\/strong><br \/>The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:<\/p>\n<p>CVE-2023-43770 \u2013 MEDIUM<br \/>CVE-2023-5631 \u2013 MEDIUM<\/p>\n<p><strong>Description<\/strong><br \/>Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code (<strong>CVE-2023-5631<\/strong>).<\/p>\n<p>Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text\/plain e-mail messages with crafted links because of rcube_string_replacer.php behavior (<strong>CVE-2023-43770<\/strong>).<\/p>\n<p><strong>Solution<\/strong><br \/>To resolve and work around the issue on Linux systems, cPanel has issued new Roundcube RPMs. 
Server Owners are strongly urged to upgrade to the following cPanel &amp; WHM versions:<\/p>\n<p>11.110.0.14<br \/>11.114.0.10<br \/>11.116.0.2<\/p>\n<p>Verify the new Roundcube packages were installed; the changelog of the installed cpanel-roundcubemail package should list a patch entry for both CVEs:<\/p>\n<p><em>RHEL\/RPM-based Systems<\/em><\/p>\n<p># rpm -q --changelog cpanel-roundcubemail | grep -E 'CVE-2023-43770|CVE-2023-5631'<br \/>- Add patch for CVE-2023-43770<br \/>- Add patch for CVE-2023-5631<\/p>\n<p><em>Ubuntu\/DEB-based Systems<\/em><\/p>\n<p># zgrep -E 'CVE-2023-43770|CVE-2023-5631' \/usr\/share\/doc\/cpanelroundcubemail\/changelog.Debian.gz<br \/>* Add patch for CVE-2023-43770<br \/>* Add patch for CVE-2023-5631<\/p>\n<p><strong>FAQ<\/strong><br \/>This notification covers CVE-2023-5631 and CVE-2023-43770.<\/p>\n<p><strong>References<\/strong><br \/><a href=\"https:\/\/forums.cpanel.net\/threads\/cpanel-43459-cve-2023-5631-roundcube-xss-vulnerability.715061\/\" target=\"_blank\" rel=\"noopener\">CPANEL-43459 \u2013 CVE-2023-5631 Roundcube XSS vulnerability<\/a><br \/><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-5631\" target=\"_blank\" rel=\"noopener\">Official Record CVE-2023-5631<\/a><br \/><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-43770\" target=\"_blank\" rel=\"noopener\">Official Record CVE-2023-43770<\/a><br \/><a href=\"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=1054079\" target=\"_blank\" rel=\"noopener\">Debian Bug Report for CVE-2023-5631<\/a><br \/><a href=\"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=1052059\" target=\"_blank\" rel=\"noopener\">Debian Bug Report for CVE-2023-43770<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Summary: Stored XSS vulnerabilities affect Roundcube versions 1.6.3 and older (CVE-2023-5631, CVE-2023-43770). Roundcube is a webmail service offered within cPanel &amp; WHM. 
Security Rating: The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2023-43770 \u2013 MEDIUM; CVE-2023-5631 \u2013 MEDIUM. Description: Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-50675","post","type-post","status-publish","format-standard","hentry","category-cpanel-news"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/50675","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=50675"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/50675\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=50675"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=50675"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=50675"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
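The two checks from the advisory's Solution section (is the server on or above the fixed cPanel &amp; WHM release for its branch, and does the installed cpanel-roundcubemail changelog record a patch for both CVEs) combined into one script, as an added example that is not cPanel's own tooling and not part of the original post. The fixed versions, the package name, the Debian changelog path and the "Add patch for CVE-..." line format are taken from the advisory above; the file /usr/local/cpanel/version, the script name roundcube_cve_check.sh and the --check flag are assumptions.

```shell
#!/bin/sh
# Added example, not cPanel's own tooling: confirm on a cPanel & WHM server
# that the fix for CVE-2023-43770 and CVE-2023-5631 is in place, using the
# two checks the advisory gives (cPanel & WHM version, then the
# cpanel-roundcubemail package changelog). Fixed versions, package name,
# changelog path and the "Add patch for CVE-..." wording come from the
# advisory; the path /usr/local/cpanel/version is an assumption.

# version_ge A B: succeed when dotted version A is numerically >= B,
# comparing field by field (a missing field counts as 0).
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        [ "$ai" = "$a" ] && a='' || a=${a#*.}
        [ "$bi" = "$b" ] && b='' || b=${b#*.}
        ai=${ai:-0}; bi=${bi:-0}
        if [ "$ai" -gt "$bi" ]; then return 0; fi
        if [ "$ai" -lt "$bi" ]; then return 1; fi
    done
    return 0
}

# cpanel_patched VERSION: 0 when VERSION is at or above the fixed release
# for its branch, 1 when it is older, 2 when the branch is not one the
# advisory lists (11.110, 11.114, 11.116).
cpanel_patched() {
    v=$1
    branch=${v%.*}; branch=${branch%.*}      # 11.110.0.14 -> 11.110
    case $branch in
        11.110) fixed=11.110.0.14 ;;
        11.114) fixed=11.114.0.10 ;;
        11.116) fixed=11.116.0.2 ;;
        *) return 2 ;;
    esac
    version_ge "$v" "$fixed"
}

# missing_cves: read a package changelog on stdin and print the CVE ids that
# have no "Add patch for CVE-..." entry (space separated, one line).
# Succeeds only when both patches are recorded.
missing_cves() {
    log=$(cat)
    missing=''
    for cve in CVE-2023-43770 CVE-2023-5631; do
        # The trailing ([^0-9]|$) keeps CVE-2023-5631 from matching a longer id.
        if ! printf '%s\n' "$log" | grep -Eq 'Add patch for '"$cve"'([^0-9]|$)'; then
            missing="$missing${missing:+ }$cve"
        fi
    done
    if [ -n "$missing" ]; then
        printf '%s\n' "$missing"
        return 1
    fi
    return 0
}

# installed_changelog: print the installed cpanel-roundcubemail changelog
# with the same sources the advisory uses (rpm on RHEL-style systems, the
# Debian changelog file on Ubuntu-style systems).
installed_changelog() {
    if command -v rpm >/dev/null 2>&1 && rpm -q cpanel-roundcubemail >/dev/null 2>&1; then
        rpm -q --changelog cpanel-roundcubemail
    elif [ -r /usr/share/doc/cpanelroundcubemail/changelog.Debian.gz ]; then
        zcat /usr/share/doc/cpanelroundcubemail/changelog.Debian.gz
    else
        echo 'cpanel-roundcubemail changelog not found' >&2
        return 2
    fi
}

# main: run both checks on the live system; exit non-zero if either fails.
main() {
    status=0
    ver=$(cat /usr/local/cpanel/version 2>/dev/null || echo unknown)
    rc=0; cpanel_patched "$ver" || rc=$?
    case $rc in
        0) echo "cPanel & WHM $ver: at or above the fixed release for its branch" ;;
        1) echo "cPanel & WHM $ver: OLDER than the fixed release, upgrade"; status=1 ;;
        *) echo "cPanel & WHM $ver: branch not listed in the advisory, rely on the changelog check" ;;
    esac
    if log=$(installed_changelog); then
        if missing=$(printf '%s\n' "$log" | missing_cves); then
            echo 'cpanel-roundcubemail changelog records both CVE patches'
        else
            echo "cpanel-roundcubemail changelog lacks: $missing"; status=1
        fi
    else
        status=1
    fi
    return $status
}

# Only touch the live system when invoked as: sh roundcube_cve_check.sh --check
if [ "${1:-}" = --check ]; then
    main
    exit $?
fi
```

Run it as sh roundcube_cve_check.sh --check on the server. The changelog check is the authoritative one: it is exactly the advisory's rpm/zgrep test, while the version check only confirms the server is on a build that ships the patched package. A version from a branch the advisory does not list gets a "rely on the changelog" message rather than a verdict, since the script has no fixed release to compare against.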