A stored XSS flaw in RainLoop allows stealing users’ emails

Security Affairs

Experts disclose an unpatched vulnerability in the RainLoop webmail client, tracked as CVE-2022-29360, that can be exploited to steal users’ emails. RainLoop is an open-source web-based email client used by thousands of organizations, which is affected by a vulnerability, tracked as CVE-2022-29360, that can be exploited to steal users’ emails. The vulnerability is a stored […]

The post A stored XSS flaw in RainLoop allows stealing users’ emails appeared first on Security Affairs.