My bad, I tested wrong, seems I understood the exploit wrong. I just realized it's not on the receiving end but on the sending client. Which payload did you use to test roundcube or how did you test this in roundcube?
On 2017-12-07 10:07, A.L.E.C wrote:
On 12/07/2017 09:45 AM, Maarten wrote:
Hello,
Is roundcube going to get a patch for mailsploit?
I tried the demo and it seems that roundcube is vulnurable for this:
I tried that two days ago and see no issue. Could you be more specific?