RoundCube | CVE-2023-43770 | Versions before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before

Per: NVD - CVE-2023-43770 (nist.gov)
Snippet: According to a description of the bug on NIST's National Vulnerability Database (NVD), the vulnerability impacts Roundcube versions before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3

Most/all should be fine if you keep your host updated, most will probably have the 1.4.15 which is not listed below.
==============================================
Alert: CISA Warns of Active 'Roundcube' Email Attacks

• Vulnerability: Cross-site scripting (XSS) flaw in Roundcube email software (CVE-2023-43770, CVSS score: 6.1).
• Affected Versions: Roundcube versions before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3.
• Impact: Leads to information disclosure via malicious link references in plain/text messages.
• Resolution: Patched in Roundcube version 1.6.3, released on September 15, 2023.