Roundcube Webmail 1.2.13
·
4585 commits
to master
since this release
1.2.13
thomascube
Thomas B.
This tag was signed with the committer’s verified signature.
thomascube
Thomas B.
This is a security update to the LTS version 1.2.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content [CVE-2020-35730].
Credits for this finding go to Alex Birnberg.
We strongly recommend to update all productive installations of Roundcube 1.2.x
if you cannot upgrade to a more recent version. Please do backup your data before updating!