Roundcube v1.2.11 Release Notes

Release Date: 2020-07-05 // over 3 years ago
  • ⚡️ This is a security update to the LTS version 1.2.
    🛠 It fixes a recently reported cross-site scripting (XSS) vulnerability via HTML messages with malicious svg/namespace (CVE-2020-15562).

    Credits for this finding go to SSD Secure Disclosure.

    ⚡️ We strongly recommend to update all productive installations of Roundcube 1.2.x
    ⚡️ if you cannot upgrade to a more recent version. Please do backup your data before updating!