CISA has identified a medium-severity security flaw affecting Roundcube email software, categorized as CVE-2023–43770.