Download
| Alert*
DSA-4674-1 roundcube -- roundcube
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform either a Cross-Site Request Forgery forcing an authenticated user to be logged out, or a Cross-Side Scripting leading to execution of arbitrary code.
|