Unrated severityCISA KEVNVD Advisory· Published Jun 7, 2024· Updated Oct 21, 2025
CVE-2024-37383
CVE-2024-37383
Description
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.5.7, 1.6.x <1.6.7
Patches
Vulnerability mechanics
References
4News mentions
1- Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial AccessCyber Security News · May 22, 2026