Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails

The Hacker News

An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’ inboxes.
“The code vulnerability […] can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client,” SonarSource security researcher Simon Scannell said in a report published