The Roundcube email server vulnerability (CVE-2023-43770) is actively exploited in cross-site scripting (XSS) attacks, posing a significant risk to both federal agencies and private organizations worldwide.
Fortinet has released patches for a high-severity cross-site scripting (XSS) vulnerability impacting multiple FortiOS and FortiProxy versions. Tracked as CVE-2023-29183 (CVSS score of 7.3), the security defect is described as an “improper neutralization of input during web page generation”. Successful exploitation of the bug, Fortinet explains in an advisory, may allow an authenticated attacker to […]