RoundCube Webmail is a browser-based, multilingual IMAP client. Its extensive feature set includes MIME support, address books, folder manipulation, message searching, spell checking, and more.
A cross-site scripting (XSS) vulnerability tracked as CVE-2023-43770 in Roundcube has been found, which might result in information leakage through malicious link references in plain/text communications.
Roundcube Webmail 1.6.3 is now available. It offers a patch for a recently discovered XSS vulnerability reported by Niraj Shivtarkar.
“We just published a security update to version 1.6 of Roundcube Webmail. According to the release notes, it provides a fix to a recently reported XSS vulnerability”.
Among other features, Roundcube Webmail supports internationalized domain names, shared folders and namespaces, and SMTP delivery status notifications. Also, the IMAP folders’ user interface has been changed to allow more space for extensions and plug-ins.
Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware
Changelog For Version 1.6.3
- Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
- Update jQuery-UI to version 1.13.2 (#9041)
- Fix regression that broke use_secure_urls feature (#9052)
- Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
- Fix bug where a duplicate
tag in HTML email could cause some parts to be cut off (#9029)</li> <li>Fix bug where a list of folders could have been sorted incorrectly (#9057)</li> <li>Fix regression where LDAP addressbook ‘filter’ option was ignored (#9061)</li> <li>Fix wrong order of a multi-folder search result when sorting by size (#9065)</li> <li>Fix so install/update scripts do not require PEAR (#9037)</li> <li>Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)</li> <li>Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)</li> <li>Fix PHP8 deprecation warning in the reconnect plugin (#9083)</li> <li>Fix “Show source” on mobile with x_frame_options = deny (#9084)</li> <li>Fix various PHP warnings (#9098)</li> <li>Fix deprecated use of ldap_connect() in password’s ldap_simple driver (#9060)</li> <li>Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages</li> </ul> <p>The remote Debian 10 host has packages installed that are affected by this vulnerability. </p> <h2 class="wp-block-heading" id="h-fix-available"><strong>Fix Available</strong></h2> <p>Roundcube Webmail 1.6.3 is considered stable and it is recommended to update all productive installations of Roundcube 1.6.x with it.</p> <p>For Debian 10 buster, this problem has been fixed in version 1.3.17+dfsg.1-1~deb10u3.</p> <p>Hence, it is recommended that you upgrade your roundcube packages.</p> <p class="has-text-align-center has-background" style="background-color:#f4f4f4"><strong>Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, <a rel="nofollow noopener" target="_blank" href="https://twitter.com/The_Cyber_News">Twitter</a>, and Facebook.</strong></p> <p><!-- AI CONTENT END 1 --> </div> <p><script type="rocketlazyloadscript" data-minify="1" async data-rocket-src="https://cdn.cybernoz.com/wp-content/cache/min/1/widgets.js?ver=1732551389" charset="utf-8"></script><br /> <br /><br /> <br /><a href="https://cybersecuritynews.com/roundcube-webmail-xss-vulnerability/" target="_blank" rel="noopener">Source link </a></p> </div><!-- .entry-content --> </div> </article> <nav class="navigation post-navigation" aria-label="Posts"> <h2 class="screen-reader-text">Post navigation</h2> <div class="nav-links"><div class="nav-previous"><a href="https://cybernoz.com/bind-dns-system-flaws-let-attacker-launch-dos-attacks/" rel="prev">BIND DNS system Flaws Let Attacker Launch DoS Attacks →</a></div><div class="nav-next"><a href="https://cybernoz.com/new-stealthy-and-modular-deadglyph-malware-used-in-govt-attacks/" rel="next">← New stealthy and modular Deadglyph malware used in govt attacks</a></div></div> </nav> <div class="clear"></div> </div><!--/#gridhot-posts-wrapper --> </div> </div> </div><!-- /#gridhot-main-wrapper --> <div class="gridhot-sidebar-one-wrapper gridhot-sidebar-widget-areas gridhot-clearfix" id="gridhot-sidebar-one-wrapper" itemscope="itemscope" itemtype="http://schema.org/WPSideBar" role="complementary"> <div class="theiaStickySidebar"> <div class="gridhot-sidebar-one-wrapper-inside gridhot-clearfix"> <div id="block-3" class="gridhot-side-widget widget gridhot-widget-box widget_block"><div class="gridhot-widget-box-inside"> <div class="wp-block-group"><div class="wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow"> <h2 class="wp-block-heading">Latest Posts</h2> <ul class="wp-block-latest-posts__list wp-block-latest-posts"><li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/how-to-safeguard-mobile-banking-apps-from-cyber-risk/">How to Safeguard Mobile Banking Apps from Cyber Risk</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/starbucks-grocery-stores-impacted-by-blue-yonder-ransomware-attack/">Starbucks, grocery stores impacted by Blue Yonder ransomware attack</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/critical-wordpress-anti-spam-plugin-flaws-expose-200000-sites-to-remote-attacks/">Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/hackers-exploit-critical-bug-in-array-networks-ssl-vpn-products/">Hackers exploit critical bug in Array Networks SSL VPN products</a></li> <li><a class="wp-block-latest-posts__post-title" href="https://cybernoz.com/starbucks-shifts-to-manual-processes-after-contractor-ransomware-attack/">Starbucks Shifts to Manual Processes After Contractor Ransomware Attack</a></li> </ul></div></div> </div></div><div id="custom_html-2" class="widget_text gridhot-side-widget widget gridhot-widget-box widget_custom_html"><div class="widget_text gridhot-widget-box-inside"><div class="gridhot-widget-header"><div class="gridhot-widget-header-inside"><h2 class="gridhot-widget-title"><span class="gridhot-widget-title-inside">Social?</span></h2></div></div><div class="textwidget custom-html-widget"><script type="rocketlazyloadscript" data-rocket-type="text/javascript"> atOptions = { 'key' : 'd763fe6a6c5ebe5ea235b8650bdb1880', 'format' : 'iframe', 'height' : 600, 'width' : 160, 'params' : {} }; </script> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" data-rocket-src="//www.topcreativeformat.com/d763fe6a6c5ebe5ea235b8650bdb1880/invoke.js" data-rocket-defer defer></script></div></div></div> </div> </div> </div><!-- /#gridhot-sidebar-one-wrapper--> </div> </div><!--/#gridhot-content-wrapper --> </div><!--/#gridhot-wrapper --> <div class='gridhot-clearfix' id='gridhot-copyright-area'> <div class='gridhot-copyright-area-inside gridhot-container'> <div class="gridhot-outer-wrapper"> <div class='gridhot-copyright-area-inside-content gridhot-clearfix'> <p class='gridhot-copyright'>Copyright © 2024 Cybernoz</p> <p class='gridhot-credit'><a href="https://themesdna.com/">Design by ThemesDNA.com</a></p> </div> </div> </div> </div><!--/#gridhot-copyright-area --> <button class="gridhot-scroll-top" title="Scroll to Top"><i class="fas fa-arrow-up" aria-hidden="true"></i><span class="gridhot-sr-only">Scroll to Top</span></button> <link data-minify="1" rel='stylesheet' id='whp1246tw-bs4.css-css' href='https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/plugins/wp-security-hardening/modules/inc/assets/css/tw-bs4.css?ver=1732551331' type='text/css' media='all' /> <link data-minify="1" rel='stylesheet' id='whp7414font-awesome.min.css-css' href='https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/plugins/wp-security-hardening/modules/inc/fa/css/font-awesome.min.css?ver=1732551331' type='text/css' media='all' /> <link data-minify="1" rel='stylesheet' id='whp7239front.css-css' href='https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/plugins/wp-security-hardening/modules/css/front.css?ver=1732551331' type='text/css' media='all' /> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" id="rocket-browser-checker-js-after"> /* <![CDATA[ */ "use strict";var _createClass=function(){function defineProperties(target,props){for(var i=0;i<props.length;i++){var descriptor=props[i];descriptor.enumerable=descriptor.enumerable||!1,descriptor.configurable=!0,"value"in descriptor&&(descriptor.writable=!0),Object.defineProperty(target,descriptor.key,descriptor)}}return function(Constructor,protoProps,staticProps){return protoProps&&defineProperties(Constructor.prototype,protoProps),staticProps&&defineProperties(Constructor,staticProps),Constructor}}();function _classCallCheck(instance,Constructor){if(!(instance instanceof Constructor))throw new TypeError("Cannot call a class as a function")}var RocketBrowserCompatibilityChecker=function(){function RocketBrowserCompatibilityChecker(options){_classCallCheck(this,RocketBrowserCompatibilityChecker),this.passiveSupported=!1,this._checkPassiveOption(this),this.options=!!this.passiveSupported&&options}return _createClass(RocketBrowserCompatibilityChecker,[{key:"_checkPassiveOption",value:function(self){try{var options={get passive(){return!(self.passiveSupported=!0)}};window.addEventListener("test",null,options),window.removeEventListener("test",null,options)}catch(err){self.passiveSupported=!1}}},{key:"initRequestIdleCallback",value:function(){!1 in window&&(window.requestIdleCallback=function(cb){var start=Date.now();return setTimeout(function(){cb({didTimeout:!1,timeRemaining:function(){return Math.max(0,50-(Date.now()-start))}})},1)}),!1 in window&&(window.cancelIdleCallback=function(id){return clearTimeout(id)})}},{key:"isDataSaverModeOn",value:function(){return"connection"in navigator&&!0===navigator.connection.saveData}},{key:"supportsLinkPrefetch",value:function(){var elem=document.createElement("link");return elem.relList&&elem.relList.supports&&elem.relList.supports("prefetch")&&window.IntersectionObserver&&"isIntersecting"in IntersectionObserverEntry.prototype}},{key:"isSlowConnection",value:function(){return"connection"in navigator&&"effectiveType"in navigator.connection&&("2g"===navigator.connection.effectiveType||"slow-2g"===navigator.connection.effectiveType)}}]),RocketBrowserCompatibilityChecker}(); /* ]]> */ </script> <script type="text/javascript" id="rocket-preload-links-js-extra"> /* <![CDATA[ */ var RocketPreloadLinksConfig = {"excludeUris":"\/(?:.+\/)?feed(?:\/(?:.+\/?)?)?$|\/(?:.+\/)?embed\/|\/(index.php\/)?(.*)wp-json(\/.*|$)|\/refer\/|\/go\/|\/recommend\/|\/recommends\/","usesTrailingSlash":"1","imageExt":"jpg|jpeg|gif|png|tiff|bmp|webp|avif|pdf|doc|docx|xls|xlsx|php","fileExt":"jpg|jpeg|gif|png|tiff|bmp|webp|avif|pdf|doc|docx|xls|xlsx|php|html|htm","siteUrl":"https:\/\/cybernoz.com","onHoverDelay":"100","rateThrottle":"3"}; /* ]]> */ </script> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" id="rocket-preload-links-js-after"> /* <![CDATA[ */ (function() { "use strict";var r="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},e=function(){function i(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}return function(e,t,n){return t&&i(e.prototype,t),n&&i(e,n),e}}();function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var t=function(){function n(e,t){i(this,n),this.browser=e,this.config=t,this.options=this.browser.options,this.prefetched=new Set,this.eventTime=null,this.threshold=1111,this.numOnHover=0}return e(n,[{key:"init",value:function(){!this.browser.supportsLinkPrefetch()||this.browser.isDataSaverModeOn()||this.browser.isSlowConnection()||(this.regex={excludeUris:RegExp(this.config.excludeUris,"i"),images:RegExp(".("+this.config.imageExt+")$","i"),fileExt:RegExp(".("+this.config.fileExt+")$","i")},this._initListeners(this))}},{key:"_initListeners",value:function(e){-1<this.config.onHoverDelay&&document.addEventListener("mouseover",e.listener.bind(e),e.listenerOptions),document.addEventListener("mousedown",e.listener.bind(e),e.listenerOptions),document.addEventListener("touchstart",e.listener.bind(e),e.listenerOptions)}},{key:"listener",value:function(e){var t=e.target.closest("a"),n=this._prepareUrl(t);if(null!==n)switch(e.type){case"mousedown":case"touchstart":this._addPrefetchLink(n);break;case"mouseover":this._earlyPrefetch(t,n,"mouseout")}}},{key:"_earlyPrefetch",value:function(t,e,n){var i=this,r=setTimeout(function(){if(r=null,0===i.numOnHover)setTimeout(function(){return i.numOnHover=0},1e3);else if(i.numOnHover>i.config.rateThrottle)return;i.numOnHover++,i._addPrefetchLink(e)},this.config.onHoverDelay);t.addEventListener(n,function e(){t.removeEventListener(n,e,{passive:!0}),null!==r&&(clearTimeout(r),r=null)},{passive:!0})}},{key:"_addPrefetchLink",value:function(i){return this.prefetched.add(i.href),new Promise(function(e,t){var n=document.createElement("link");n.rel="prefetch",n.href=i.href,n.onload=e,n.onerror=t,document.head.appendChild(n)}).catch(function(){})}},{key:"_prepareUrl",value:function(e){if(null===e||"object"!==(void 0===e?"undefined":r(e))||!1 in e||-1===["http:","https:"].indexOf(e.protocol))return null;var t=e.href.substring(0,this.config.siteUrl.length),n=this._getPathname(e.href,t),i={original:e.href,protocol:e.protocol,origin:t,pathname:n,href:t+n};return this._isLinkOk(i)?i:null}},{key:"_getPathname",value:function(e,t){var n=t?e.substring(this.config.siteUrl.length):e;return n.startsWith("/")||(n="/"+n),this._shouldAddTrailingSlash(n)?n+"/":n}},{key:"_shouldAddTrailingSlash",value:function(e){return this.config.usesTrailingSlash&&!e.endsWith("/")&&!this.regex.fileExt.test(e)}},{key:"_isLinkOk",value:function(e){return null!==e&&"object"===(void 0===e?"undefined":r(e))&&(!this.prefetched.has(e.href)&&e.origin===this.config.siteUrl&&-1===e.href.indexOf("?")&&-1===e.href.indexOf("#")&&!this.regex.excludeUris.test(e.href)&&!this.regex.images.test(e.href))}}],[{key:"run",value:function(){"undefined"!=typeof RocketPreloadLinksConfig&&new n(new RocketBrowserCompatibilityChecker({capture:!0,passive:!0}),RocketPreloadLinksConfig).init()}}]),n}();t.run(); }()); /* ]]> */ </script> <script type="text/javascript" id="rocket_lazyload_css-js-extra"> /* <![CDATA[ */ var rocket_lazyload_css_data = {"threshold":"300"}; /* ]]> */ </script> <script type="text/javascript" id="rocket_lazyload_css-js-after"> /* <![CDATA[ */ !function o(n,c,a){function u(t,e){if(!c[t]){if(!n[t]){var r="function"==typeof require&&require;if(!e&&r)return r(t,!0);if(s)return s(t,!0);throw(e=new Error("Cannot find module '"+t+"'")).code="MODULE_NOT_FOUND",e}r=c[t]={exports:{}},n[t][0].call(r.exports,function(e){return u(n[t][1][e]||e)},r,r.exports,o,n,c,a)}return c[t].exports}for(var s="function"==typeof require&&require,e=0;e<a.length;e++)u(a[e]);return u}({1:[function(e,t,r){"use strict";{const c="undefined"==typeof rocket_pairs?[]:rocket_pairs,a=(("undefined"==typeof rocket_excluded_pairs?[]:rocket_excluded_pairs).map(t=>{var e=t.selector;document.querySelectorAll(e).forEach(e=>{e.setAttribute("data-rocket-lazy-bg-"+t.hash,"excluded")})}),document.querySelector("#wpr-lazyload-bg-container"));var o=rocket_lazyload_css_data.threshold||300;const u=new IntersectionObserver(e=>{e.forEach(t=>{t.isIntersecting&&c.filter(e=>t.target.matches(e.selector)).map(t=>{var e;t&&((e=document.createElement("style")).textContent=t.style,a.insertAdjacentElement("afterend",e),t.elements.forEach(e=>{u.unobserve(e),e.setAttribute("data-rocket-lazy-bg-"+t.hash,"loaded")}))})})},{rootMargin:o+"px"});function n(){0<(0<arguments.length&&void 0!==arguments[0]?arguments[0]:[]).length&&c.forEach(t=>{try{document.querySelectorAll(t.selector).forEach(e=>{"loaded"!==e.getAttribute("data-rocket-lazy-bg-"+t.hash)&&"excluded"!==e.getAttribute("data-rocket-lazy-bg-"+t.hash)&&(u.observe(e),(t.elements||=[]).push(e))})}catch(e){console.error(e)}})}n(),function(){const r=window.MutationObserver;return function(e,t){if(e&&1===e.nodeType)return(t=new r(t)).observe(e,{attributes:!0,childList:!0,subtree:!0}),t}}()(document.querySelector("body"),n)}},{}]},{},[1]); /* ]]> */ </script> <script type="text/javascript" src="https://cdn.cybernoz.com/wp-content/themes/gridhot/assets/js/jquery.fitvids.min.js" id="fitvids-js" data-rocket-defer defer></script> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/themes/gridhot/assets/js/ResizeSensor.min.js" id="ResizeSensor-js" data-rocket-defer defer></script> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/themes/gridhot/assets/js/theia-sticky-sidebar.min.js" id="theia-sticky-sidebar-js" data-rocket-defer defer></script> <script type="rocketlazyloadscript" data-minify="1" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/themes/gridhot/assets/js/navigation.js?ver=1732551331" id="gridhot-navigation-js" data-rocket-defer defer></script> <script type="rocketlazyloadscript" data-minify="1" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/themes/gridhot/assets/js/skip-link-focus-fix.js?ver=1732551331" id="gridhot-skip-link-focus-fix-js" data-rocket-defer defer></script> <script type="rocketlazyloadscript" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-includes/js/imagesloaded.min.js" id="imagesloaded-js" data-rocket-defer defer></script> <script type="text/javascript" id="gridhot-customjs-js-extra"> /* <![CDATA[ */ var gridhot_ajax_object = {"ajaxurl":"https:\/\/cybernoz.com\/wp-admin\/admin-ajax.php","primary_menu_active":"1","secondary_menu_active":"1","sticky_sidebar_active":"1","fitvids_active":"1","backtotop_active":"1"}; /* ]]> */ </script> <script type="rocketlazyloadscript" data-minify="1" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/themes/gridhot/assets/js/custom.js?ver=1732551331" id="gridhot-customjs-js" data-rocket-defer defer></script> <script type="text/javascript" id="gridhot-html5shiv-js-js-extra"> /* <![CDATA[ */ var gridhot_custom_script_vars = {"elements_name":"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video"}; /* ]]> */ </script> <script type="rocketlazyloadscript" data-minify="1" data-rocket-type="text/javascript" data-rocket-src="https://cdn.cybernoz.com/wp-content/cache/min/1/wp-content/themes/gridhot/assets/js/html5shiv.js?ver=1732551331" id="gridhot-html5shiv-js-js" data-rocket-defer defer></script> <script>window.lazyLoadOptions=[{elements_selector:"img[data-lazy-src],.rocket-lazyload,iframe[data-lazy-src]",data_src:"lazy-src",data_srcset:"lazy-srcset",data_sizes:"lazy-sizes",class_loading:"lazyloading",class_loaded:"lazyloaded",threshold:300,callback_loaded:function(element){if(element.tagName==="IFRAME"&&element.dataset.rocketLazyload=="fitvidscompatible"){if(element.classList.contains("lazyloaded")){if(typeof window.jQuery!="undefined"){if(jQuery.fn.fitVids){jQuery(element).parent().fitVids()}}}}}},{elements_selector:".rocket-lazyload",data_src:"lazy-src",data_srcset:"lazy-srcset",data_sizes:"lazy-sizes",class_loading:"lazyloading",class_loaded:"lazyloaded",threshold:300,}];window.addEventListener('LazyLoad::Initialized',function(e){var lazyLoadInstance=e.detail.instance;if(window.MutationObserver){var observer=new MutationObserver(function(mutations){var image_count=0;var iframe_count=0;var rocketlazy_count=0;mutations.forEach(function(mutation){for(var i=0;i<mutation.addedNodes.length;i++){if(typeof mutation.addedNodes[i].getElementsByTagName!=='function'){continue} if(typeof mutation.addedNodes[i].getElementsByClassName!=='function'){continue} images=mutation.addedNodes[i].getElementsByTagName('img');is_image=mutation.addedNodes[i].tagName=="IMG";iframes=mutation.addedNodes[i].getElementsByTagName('iframe');is_iframe=mutation.addedNodes[i].tagName=="IFRAME";rocket_lazy=mutation.addedNodes[i].getElementsByClassName('rocket-lazyload');image_count+=images.length;iframe_count+=iframes.length;rocketlazy_count+=rocket_lazy.length;if(is_image){image_count+=1} if(is_iframe){iframe_count+=1}}});if(image_count>0||iframe_count>0||rocketlazy_count>0){lazyLoadInstance.update()}});var b=document.getElementsByTagName("body")[0];var config={childList:!0,subtree:!0};observer.observe(b,config)}},!1)</script><script data-no-minify="1" async src="https://cdn.cybernoz.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js"></script><script>function lazyLoadThumb(e,alt,l){var t='<img data-lazy-src="https://i.ytimg.com/vi/ID/hqdefault.jpg" alt="" width="480" height="360"><noscript><img src="https://i.ytimg.com/vi/ID/hqdefault.jpg" alt="" width="480" height="360"></noscript>',a='<button class="play" aria-label="play Youtube video"></button>';if(l){t=t.replace('data-lazy-','');t=t.replace('loading="lazy"','');t=t.replace(/<noscript>.*?<\/noscript>/g,'');}t=t.replace('alt=""','alt="'+alt+'"');return t.replace("ID",e)+a}function lazyLoadYoutubeIframe(){var e=document.createElement("iframe"),t="ID?autoplay=1";t+=0===this.parentNode.dataset.query.length?"":"&"+this.parentNode.dataset.query;e.setAttribute("src",t.replace("ID",this.parentNode.dataset.src)),e.setAttribute("frameborder","0"),e.setAttribute("allowfullscreen","1"),e.setAttribute("allow","accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture"),this.parentNode.parentNode.replaceChild(e,this.parentNode)}document.addEventListener("DOMContentLoaded",function(){var exclusions=[];var e,t,p,u,l,a=document.getElementsByClassName("rll-youtube-player");for(t=0;t<a.length;t++)(e=document.createElement("div")),(u='https://i.ytimg.com/vi/ID/hqdefault.jpg'),(u=u.replace('ID',a[t].dataset.id)),(l=exclusions.some(exclusion=>u.includes(exclusion))),e.setAttribute("data-id",a[t].dataset.id),e.setAttribute("data-query",a[t].dataset.query),e.setAttribute("data-src",a[t].dataset.src),(e.innerHTML=lazyLoadThumb(a[t].dataset.id,a[t].dataset.alt,l)),a[t].appendChild(e),(p=e.querySelector(".play")),(p.onclick=lazyLoadYoutubeIframe)});</script><script>var rocket_beacon_data = {"ajax_url":"https:\/\/cybernoz.com\/wp-admin\/admin-ajax.php","nonce":"4d7d2dbd76","url":"https:\/\/cybernoz.com\/roundcube-webmail-xss-vulnerability-exposes-sensitive-data","is_mobile":false,"width_threshold":1600,"height_threshold":700,"delay":500,"debug":null,"status":{"atf":true,"lrc":true},"elements":"img, video, picture, p, main, div, li, svg, section, header, span","lrc_threshold":1800}</script><script data-name="wpr-wpr-beacon" src='https://cybernoz.com/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js' async></script></body> </html> <!-- This website is like a Rocket, isn't it? Performance optimized by WP Rocket. Learn more: https://wp-rocket.me -->