Roundcube Webmail 1.3.16
·
3785 commits
to master
since this release
1.3.16
thomascube
Thomas B.
This tag was signed with the committer’s verified signature.
thomascube
Thomas B.
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content [CVE-2020-35730].
Credits for this finding go to Alex Birnberg.
This version in considered stable and we strongly recommend to update all productive
installations of Roundcube 1.3.x with it. Please do backup your data before updating!