author | Aleksander Machniak <alec@alec.pl> | 2012-06-08 09:22:49 +0200 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2012-06-08 09:22:49 +0200 |
commit | a7d5e3e8580466639a18da35af13b97dc3765c16 (patch) | |
tree | 4598c6ce454593442d1c6ceb3d7e5151450bc3e9 | |
parent | 51809bd66c3dc08fb578950a0394c8603a419b9e (diff) |
Fix XSS vulnerability in message subject handling using Larry skin (#1488519)
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | program/steps/mail/func.inc | 2 |
2 files changed, 2 insertions, 1 deletions
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
+- Fix XSS vulnerability in message subject handling using Larry skin (#1488519)
 - Fix handling of links with various URI schemes e.g. "skype:" (#1488106)
 - Fix handling of links inside PRE elements on html to text conversion
 - Fix indexing of links on html to text conversion
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 854298d8b..208b2b345 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -947,7 +947,7 @@ function rcmail_message_headers($attrib, $headers=NULL)
 // single header value is requested
 if (!empty($attrib['valueof']))
- return Q($plugin['output'][$attrib['valueof']]['value'], ($hkey == 'subject' ? 'strict' : 'show'));
+ return Q($plugin['output'][$attrib['valueof']]['value'], ($attrib['valueof'] == 'subject' ? 'strict' : 'show'));
 // compose html table
 $table = new html_table(array('cols' => 2)); |
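Review bot: The single-value return still picks the looser quoting mode by default: only `subject` is passed to `Q()` with `'strict'`, and any other `valueof` gets `'show'`. If `'show'` leaves markup in the value intact, as the XSS fix in the title suggests, then every other header that reaches this return as decoded message text rather than as HTML built by this function is safe only by omission. Inverting the default would be more robust, e.g. `$mode = in_array($attrib['valueof'], $html_valued, true) ? 'show' : 'strict';` where `$html_valued` is a placeholder for the list of headers whose values are generated as HTML here. The function body starts and ends outside the hunk, so which headers those are, and whether the table path after `// compose html table` makes the same choice, is not visible from here.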