diff options
| author | Aleksander Machniak <alec@alec.pl> | 2012-11-14 13:29:58 +0100 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2012-11-14 13:34:40 +0100 |
| commit | 377793d67c6b19327212bf2ac5647a4f01a48a48 (patch) | |
| tree | 5da341971ebb24c0162dfab9689b1cfb5a18b739 | |
| parent | a5c8786a34be237a3436b3c96d283462e76a5c3a (diff) | |
Fix XSS vulnerability in handling of text/enriched messages (#1488806)
Conflicts:
CHANGELOG
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | program/steps/mail/func.inc | 4 |
2 files changed, 4 insertions, 1 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix XSS vulnerability in handling of text/enriched messages (#1488806) - Fix compatybility with MDB2 2.5.0b4 (#1488779) - Fix lower-casing email address on replies (#1488598) - Fix so subscribed non-existing/non-accessible shared folder can be unsubscribed diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 6cb7b7592..84d2dd8a8 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -743,7 +743,9 @@ function rcmail_print_body($part, $p = array()) else if ($data['type'] == 'enriched') { $part->ctype_secondary = 'html'; require_once(INSTALL_PATH . 'program/lib/enriched.inc'); - $body = Q(enriched_to_html($data['body']), 'show'); + $body = enriched_to_html($data['body']); + $body = rcmail_wash_html($body, $data, $part->replaces); + $part->ctype_secondary = 'html'; } else { // assert plaintext |