github roundcube/roundcubemail 1.2.11
Roundcube Webmail 1.2.11

This is a security update to the LTS version 1.2.
It fixes a recently reported cross-site scripting (XSS) vulnerability via HTML messages with malicious svg/namespace.

Credits for this finding go to SSD Secure Disclosure.

We strongly recommend to update all productive installations of Roundcube 1.2.x
if you cannot upgrade to a more recent version. Please do backup your data before updating!

latest releases: 1.5-beta, 1.4.11, 1.4.10...
7 months ago