CISOs need to ensure that web email clients and browsers are kept up to date following the discovery of cross site scripting attacks on organizations running webmail clients such as Roundcube, Horde, ...