[RCD] [RCU] Vulnerability in Roundcube

Robin Elfrink elfrink at introweb.nl
Thu Dec 13 13:00:40 CET 2007


I have here a quick hacked-up patch for the IE CSS XSS vulnerability.
Partly stolen from Squirrelmail.

It's not nice but it seems to work.

Any comments?



Robin



 --- 8< --- detachments --- 8< ---
 The following attachments have been detached and are available for viewing.
  http://detached.gigo.com/rc/df/hlPQIvyG/ie-xss.200712131255.patch
 Only click these links if you trust the sender, as well as this message.
 --- 8< --- detachments --- 8< ---

-------------- next part --------------
_______________________________________________
List info: http://lists.roundcube.net/dev/


More information about the Dev mailing list