vulnerability

Ubuntu: USN-6848-1 (CVE-2024-37384): Roundcube vulnerabilities

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Jun 7, 2024	Jun 27, 2024	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Jun 7, 2024

Added

Jun 27, 2024

Modified

Aug 18, 2025

Description

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

ubuntu-pro-upgrade-roundcubeubuntu-pro-upgrade-roundcube-core

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.