mail-in-a-box / mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.

https://mailinabox.email/

Roundube v1.6.x prior to v1.6.4 has an XSS vulnerability

begincalendar opened this issue 9 months ago · comments

Matt commented 9 months ago

Could we please get Roundcube updated to v1.6.4, to mitigate this XSS vulnerability?

Joshua Tauberer commented 9 months ago

See #2317.

Matt commented 9 months ago

Thanks! Sorry for the duplication, I only searched for pre-existing issues (not PRs as well).