MGASA-2020-0261

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0261.html

Import Source

https://advisories.mageia.org/MGASA-2020-0261.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2020-0261

Related

CVE-2020-13964
CVE-2020-13965

Published

2020-06-15T07:54:40Z

Modified

2020-06-15T07:09:02Z

Summary

Updated roundcubemail packages fix security vulnerability

Details

The latest maintenance release of roundcubemail fixes some xss issues: - Fix XSS issue in template object 'username' - Fix cross-site scripting (XSS) via malicious XML attachment and improves the fix for CVE-2020-12641

References

https://advisories.mageia.org/MGASA-2020-0261.html
https://bugs.mageia.org/show_bug.cgi?id=26720
https://github.com/roundcube/roundcubemail/releases/tag/1.3.12

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2020-0261

Affected packages