Fw: [Full-disclosure] XSS in roundcube.com and users of it

Thomas Bruederli roundcube at gmail.com
Wed Nov 22 13:00:18 CET 2006

There's a patch available for this issue. See

It is also fixed in the SVN trunk (rev 382).


Chris Largret wrote:
> Hey,
> I'm sure others have seen this as it's a couple days old now, but I'm
> just passing it along. It should have been sent to you guys first, but I
> don't see a reference on the dev list and it still works.
> -Chris

More information about the Dev mailing list