[RCD] [RCU] Vulnerability in Roundcube

Balachandran Sivakumar benignbala at gmail.com
Thu Dec 13 13:10:13 CET 2007

On Dec 13, 2007 5:30 PM, Robin Elfrink <elfrink at introweb.nl> wrote:
> I have here a quick hacked-up patch for the IE CSS XSS vulnerability.
> Partly stolen from Squirrelmail.

      From what i know about XSS, i think this is what is asked in this RFE

    And as suggested, i think using htmlpurifier or such stuff is
better. But if this squirrelmail hacked code works fine here as well,
then no issues. But i thought why to reinvent the wheel?

Please correct me if i am wrong.
                     Thank you
Balachandran Sivakumar

Arise Awake and stop not till the goal is reached

        Learn to live.................Live to learn

Mail: benignbala at gmail.com
Blog: http://benignbala.wordpress.com/
List info: http://lists.roundcube.net/dev/

More information about the Dev mailing list