{"vulnerability": "CVE-2023-5631", "sightings": [{"uuid": "093e7b73-7a80-4dd9-8a63-84abf1b25255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-26T18:10:02.000000Z"}, {"uuid": "266a55f2-0161-4809-aa14-c39972031ef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/31685ccf-84b1-4db8-8f3a-87d84edbf74d", "content": "", "creation_timestamp": "2024-02-24T12:31:27.000000Z"}, {"uuid": "55276e07-55fe-4d69-aa77-54f9568804f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce", "content": "", "creation_timestamp": "2024-02-29T13:53:00.000000Z"}, {"uuid": "4415df44-9337-4dd3-827c-52ad25bdd1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971908", "content": "", "creation_timestamp": "2024-12-24T20:35:30.684361Z"}, {"uuid": "bacdde71-f693-4a20-9960-13784c212de7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "ba7065c5-5da6-49fc-a578-7dc62158de4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-5631", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/72b2c094-241b-4afb-89a0-01810c8aa47b", "content": "", "creation_timestamp": "2026-02-02T12:26:48.016922Z"}, {"uuid": "d5020a78-c00b-464d-9850-d010b8d574b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/ctinow/145309", "content": "https://ift.tt/SZyVQn6\nRoundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)", "creation_timestamp": "2023-10-25T14:46:34.000000Z"}, {"uuid": "f35ea1bf-2a0e-402c-8df4-924a20c29d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/arpsyndicate/1327", "content": "#ExploitObserverAlert\n\nCVE-2023-5631\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker  to load arbitrary JavaScript code.\n\nFIRST-EPSS: 0.009860000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2023-12-04T23:02:37.000000Z"}, {"uuid": "c3743a00-f5c1-4313-b6f7-dcebf8c6592f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/arpsyndicate/2767", "content": "#ExploitObserverAlert\n\nCVE-2023-5631\n\nDESCRIPTION: Exploit Observer has 14 entries in 3 file formats related to CVE-2023-5631. Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker  to load arbitrary JavaScript code.\n\nFIRST-EPSS: 0.006800000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2024-01-15T07:55:48.000000Z"}, {"uuid": "95971846-42f7-4267-b047-5aad3e062df6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/cibsecurity/72528", "content": "\u203c CVE-2023-5631 \u203c\n\nRoundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attackerto load arbitrary JavaScript code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T18:33:48.000000Z"}, {"uuid": "bf503c7d-d25e-4e7c-92f2-51c9735d58de", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c5ccb668-0ada-462f-86a4-cca8fde4e28a", "content": "", "creation_timestamp": "2026-06-19T12:46:46.888380Z"}, {"uuid": "9fb0d276-45de-48f0-acda-96428e42e788", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0540f4b4-d18f-42ac-a0c5-bed427623e2e", "content": "", "creation_timestamp": "2026-06-23T14:05:47.118516Z"}, {"uuid": "c0862b0e-bea6-4848-b031-2a0d4868d8c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/ZerodayAlert/76", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0413\u0440\u0443\u043f\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Winter Vivern \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0439 Roundcube Webmail, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434.\n\n\ud83d\udcea \u0426\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0430\u0436\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c \u0438\u0437 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0436\u0435\u0440\u0442\u0432. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 Base64, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u0432 \u043e\u043a\u043d\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS).\n\n\ud83d\udc71\u200d\u2642\ufe0f \u0413\u0440\u0443\u043f\u043f\u0430 Winter Vivern \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0423\u043a\u0440\u0430\u0438\u043d\u044b, \u041f\u043e\u043b\u044c\u0448\u0438, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u0439 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442, \u0438\u043c\u0435\u0435\u0442 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5631 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 14 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n#WinterVivern #Roundcube #XSS #0day\n\n@ZerodayAlert", "creation_timestamp": "2026-07-06T11:00:15.323707Z"}, {"uuid": "bbcb0a00-f257-4285-9867-cea77c1e3292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "https://t.me/ZerodayAlert/76", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0413\u0440\u0443\u043f\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Winter Vivern \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0439 Roundcube Webmail, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434.\n\n\ud83d\udcea \u0426\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0430\u0436\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c \u0438\u0437 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0436\u0435\u0440\u0442\u0432. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 Base64, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u0432 \u043e\u043a\u043d\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS).\n\n\ud83d\udc71\u200d\u2642\ufe0f \u0413\u0440\u0443\u043f\u043f\u0430 Winter Vivern \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0423\u043a\u0440\u0430\u0438\u043d\u044b, \u041f\u043e\u043b\u044c\u0448\u0438, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u0439 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442, \u0438\u043c\u0435\u0435\u0442 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5631 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 14 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n#WinterVivern #Roundcube #XSS #0day\n\n@ZerodayAlert", "creation_timestamp": "2026-07-07T00:00:23.695844Z"}, {"uuid": "a7f3f4fa-fee4-4047-aebc-951ab455e35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce", "content": "", "creation_timestamp": "2026-07-08T09:15:02.267854Z"}, {"uuid": "8e485b8f-3d7d-4867-8460-42ff43387c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce", "content": "", "creation_timestamp": "2026-07-09T00:15:03.133171Z"}, {"uuid": "ed2a597e-c2e7-4824-b28f-1daa93e0b254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "seen", "source": "MISP/0f810383-867c-42c6-ba59-2c5e4cfacbce", "content": "", "creation_timestamp": "2026-07-10T00:15:04.354878Z"}, {"uuid": "71ee08e0-19e3-4e5e-9fdc-9961939fe25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "exploited", "source": "https://t.me/ZerodayAlert/76", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0413\u0440\u0443\u043f\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Winter Vivern \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0439 Roundcube Webmail, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434.\n\n\ud83d\udcea \u0426\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0430\u0436\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c \u0438\u0437 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0436\u0435\u0440\u0442\u0432. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 Base64, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u0432 \u043e\u043a\u043d\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS).\n\n\ud83d\udc71\u200d\u2642\ufe0f \u0413\u0440\u0443\u043f\u043f\u0430 Winter Vivern \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0423\u043a\u0440\u0430\u0438\u043d\u044b, \u041f\u043e\u043b\u044c\u0448\u0438, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u0439 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442, \u0438\u043c\u0435\u0435\u0442 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5631 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 14 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n#WinterVivern #Roundcube #XSS #0day\n\n@ZerodayAlert", "creation_timestamp": "2026-07-12T05:00:04.952912Z"}, {"uuid": "8811ce20-5403-4b89-bc70-14fbea50b797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5631", "type": "exploited", "source": "https://t.me/ZerodayAlert/76", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0413\u0440\u0443\u043f\u043f\u0430 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 Winter Vivern \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u043e\u0431\u043c\u0435\u043d\u0430 \u043f\u043e\u0447\u0442\u043e\u0439 Roundcube Webmail, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434.\n\n\ud83d\udcea \u0426\u0435\u043b\u044c\u044e \u0430\u0442\u0430\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0430\u0436\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c \u0438\u0437 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0436\u0435\u0440\u0442\u0432. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 Base64, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0435\u0442\u0441\u044f \u0432 \u043e\u043a\u043d\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS).\n\n\ud83d\udc71\u200d\u2642\ufe0f \u0413\u0440\u0443\u043f\u043f\u0430 Winter Vivern \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0423\u043a\u0440\u0430\u0438\u043d\u044b, \u041f\u043e\u043b\u044c\u0448\u0438, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u0439 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0418\u043d\u0434\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442, \u0438\u043c\u0435\u0435\u0442 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5631 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 14 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n#WinterVivern #Roundcube #XSS #0day\n\n@ZerodayAlert", "creation_timestamp": "2026-07-13T00:00:52.422035Z"}]}