github roundcube/roundcubemail 1.2.13
Roundcube Webmail 1.2.13

This is a security update to the LTS version 1.2.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content [CVE-2020-35730].

Credits for this finding go to Alex Birnberg.

We strongly recommend to update all productive installations of Roundcube 1.2.x
if you cannot upgrade to a more recent version. Please do backup your data before updating!

latest releases: 1.5-beta, 1.4.11, 1.4.10...
2 months ago