webmail security

An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’ inboxes. Tracked as CVE-2025-29360, the flaw relates to a stored cross-site-scripting vulnerability impacting the latest...