VU
HIGH
Vulnerabilities
Exploitation of SVG-Based XSS in RoundCube Webmail Instances
Technical analysis of a cross-site scripting (XSS) vulnerability in RoundCube Webmail triggered by improper sanitization of SVG animate elements.
Runtime Rebel Intel
2 min read·Feb 23, 2026
VU
HIGH
Vulnerabilities
Exploitation of Roundcube Webmail Cross-Site Scripting Vulnerabilities
CISA has added two Roundcube Webmail vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation of legacy flaws in webmail infrastructure.
Runtime Rebel Intel
2 min read·Feb 23, 2026