Dear subscribers
We just published security updates to the stable version 1.4 and the LTS versions 1.3 and 1.2 of Roundcube Webmail. They all contain fixes to a recently reported stored XSS vulnerability found and kindly reported by Alex Birnberg (
birnbergalex@gmail.com).
The 1.4.10 release also contains a few general improvements from our issue tracker.
See the full changelogs in the release notes on the Github download pages for the updated versions:
We strongly recommend to update all productive installations of Roundcube with these new versions.
Best wishes and a happy new year!
Alec & Thomas