Advisories ยป MGASA-2020-0339

Updated roundcubemail packages fix security vulnerabilities

Publication date: 18 Aug 2020
Modification date: 18 Aug 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-16145

Description

Fix potential XSS issue in HTML editor of the identity signature input
Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
Fix cross-site scripting (XSS) via HTML messages with malicious math content
                

References

SRPMS

7/core