Plesk & SocialBee have teamed up. Save 30% now!

Knowledge Base

CVE-2021-46144: Vulnerability in Roundcube

Situation

CVE-2021-46144 vulnerability was discovered in Roundcube.

Impact

Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.

Call to action

The vulnerability was fixed and shipped in Plesk Obsidian 18.0.41. Consider updating the Plesk server as per the following article.

Related Posts

Plesk Obsidian 18.0.62 is now available

Plesk Obsidian 18.0.61 Release

Recommended OSs for Plesk

Knowledge Base

Websites on Plesk server are slow or show error 500 or PHP mail cannot be sent: ap_pass_brigade failed

Unable to access mail: Warning: Inotify instance limit for user exceeded

Email header analysis reports SPF failed for localhost IP on mail sent from Plesk hosted mailbox: SPF Authentication : SPF Failed for IP – 127.0.0.1

Unable to send mail: deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

Hosting Wiki