Dangerous! XSS vulnerability

Robin Elfrink elfrink at introweb.nl
Fri Feb 16 10:03:59 CET 2007


Michael Bueker wrote:

> http://trac.roundcube.net/trac.cgi/ticket/1484254
> 
> This should get immediate attention.

Proposed fix added to the ticket.

The only thing I'm not sure about is charset conversions. I have no
experience with those. Are special charset thingies used in mailbox names?


Robin




More information about the Dev mailing list