My bad, I tested wrong, seems I understood the exploit wrong. I just
realized it's not on the receiving end but on
the sending client. Which payload did you use to test roundcube or how
did you test this in roundcube?
On 2017-12-07 10:07, A.L.E.C wrote:
On 12/07/2017 09:45 AM, Maarten
On 12/07/2017 09:45 AM, Maarten wrote:
> Hello,
>
> Is roundcube going to get a patch for mailsploit?
>
> https://www.mailsploit.com/
>
> I tried the demo and it seems that roundcube is vulnurable for this:
>
> https://www.mailsploit.com/index#demo
I tried that two days ago and see no issue.
Hello,
Is roundcube going to get a patch for mailsploit?
https://www.mailsploit.com/
I tried the demo and it seems that roundcube is vulnurable for this:
https://www.mailsploit.com/index#demo
Incoming mail can be shown is if were from some domein which it is not
from.