Roundcube releases a new security updates to the 1.6.8 and 1.5.8 LTS versions of Roundcube Webmail, that contain fixes for recently reported security XSS vulnerabilities.

Attackers can abuse the vulnerability to steal emails, contacts, and the victim's email password as well as send emails from the victim's account.

The National CERT suggests all Roundcube Webmail users to apply a new versions 1.6.8 and 1.5.8 in order to avoid the possible exploit of vulnerabilities by attackers.

For more details please visit: Roundcube