• Sublime Core Feed
Critical Severity

CVE-2023-5631 - Roundcube Webmail XSS via crafted SVG

Labels

Malware/Ransomware
Evasion
Exploit
HTML smuggling
Scripting
Content analysis
HTML analysis
Sender analysis

Description

Body HTML contains an exploit for CVE-2023-5631, a vulnerability in Roundcube Webmail that allows stored XSS via an HTML e-mail message with a crafted SVG document.

References

Sublime Security
Created Jan 30th, 2024 • Last updated Feb 23rd, 2024
Feed Source
Sublime Core Feed
Source
GitHub
type.inbound
and length(attachments) == 0
and strings.ilike(body.html.raw, '*use href="data:image/svg+xml;base64,PHN2Zy*#*')
and not profile.by_sender().solicited
MQL Rule Console
DocsLearning Labs

Playground

Test against your own EMLs or sample data.

Share

Post about this on your socials.

Get Started. Today.

Managed or self-managed. No MX changes.

Get Started