This is a security update to the LTS version 1.2.
It fixes a recently reported stored cross-site scripting (XSS)
vulnerability via HTML or plain text messages with malicious content [CVE-2020-35730].
Credits for this finding go to Alex Birnberg.
We strongly recommend to update all productive installations of Roundcube 1.2.x
if you cannot upgrade to a more recent version. Please do backup your data before updating!