{"uuid": "f35ea1bf-2a0e-402c-8df4-924a20c29d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/arpsyndicate/1327", "content": "#ExploitObserverAlert\n\nCVE-2023-5631\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker  to load arbitrary JavaScript code.\n\nFIRST-EPSS: 0.009860000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2023-12-04T23:02:37.000000Z"}