Known Exploited Vulnerabilities CVE-2024-42009

RoundCube Webmail contains a cross-site scripting vulnerability. It could allow a remote attacker to steal and send a victim's emails via a crafted e-mail message that abuses a desanitization issue in message_body() in program/actions/mail/show.php.

Mappings

Capability ID:          CVE-2024-42009
Capability Description: RoundCube Webmail Cross-Site Scripting Vulnerability

Mapping Type            ATT&CK ID   ATT&CK Name
exploitation_technique  T1566.002   Spearphishing Link
primary_impact          T1114       Email Collection
primary_impact          T1056       Input Capture

Notes (the same comment is recorded for all three mappings)

An attacker can exploit a deserialization/desanitization issue by injecting malicious JavaScript into a message. Parsing the HTML inside the message can allow the exfiltration of email data, as well as commandeering the victim's browser.

References