[RCD] zero day vulnerability (tested on v8.0 to 9.0)
roundcube at lefoyer.ru
Wed Mar 27 17:47:51 CET 2013
not secure because only limit read file by extension php,ini,conf and
folder /etc. Allowed read /usr/local/etc logs and other file (if hosting
not limit open_basedir).
A.L.E.C писал 2013-03-27 20:11:
> We already fixed the issue in git branches: master, release-0.9,
> release-0.8, release-0.7. We'll release updated packages soon.
More information about the dev