Fw: [Full-disclosure] XSS in roundcube.com and users of it

Thomas Bruederli roundcube at gmail.com
Wed Nov 22 13:00:18 CET 2006


There's a patch available for this issue. See
http://trac.roundcube.net/trac.cgi/ticket/1484109

It is also fixed in the SVN trunk (rev 382).

Regards,
Thomas


Chris Largret wrote:
> Hey,
> 
> I'm sure others have seen this as it's a couple days old now, but I'm
> just passing it along. It should have been sent to you guys first, but I
> don't see a reference on the dev list and it still works.
> 
> -Chris
> 
> 





More information about the Dev mailing list