An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object. Upstream Commit:

Created roundcubemail tracking bugs for this issue: Affects: epel-all [ ] Affects: fedora-all [
….



Source link

You must be logged in to post a comment.