{"uuid": "c3743a00-f5c1-4313-b6f7-dcebf8c6592f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/arpsyndicate/2767", "content": "#ExploitObserverAlert\n\nCVE-2023-5631\n\nDESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker  to load arbitrary JavaScript code.\n\nFIRST-EPSS: 0.006800000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2024-01-15T07:55:48.000000Z"}