Advisories ยป MGASA-2020-0261

Updated roundcubemail packages fix security vulnerability

Publication date: 15 Jun 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-13964 , CVE-2020-13965

Description

The latest maintenance release of roundcubemail fixes some xss issues:
- Fix XSS issue in template object 'username'
- Fix cross-site scripting (XSS) via malicious XML attachment
and improves the fix for CVE-2020-12641
                

References

SRPMS

7/core