| Revision Date: | 2021-06-27 | Version: | 1 |
| Title: | Security update for roundcubemail (Important) |
| Description: |
This update for roundcubemail fixes the following issues:
Upgrade to version 1.3.16
This is a security update to the LTS version 1.3.
It fixes a recently reported stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content.
References:
- CVE-2020-18670: Cross Site Scripting (XSS) vulneraibility via database host and user in /installer/test.php (boo#1187707) - CVE-2020-18671: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php (boo#1187706) - CVE-2020-35730: cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content (boo#1180399)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1180399
1187706
1187707
CVE-2020-18670
CVE-2020-18671
CVE-2020-35730
openSUSE-SU-2021:0931-1
|
| Platform(s): | openSUSE Leap 15.2
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.2 is installed AND roundcubemail-1.3.16-lp152.4.6.1 is installed
|