Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613)

author: Aleksander Machniak <alec@alec.pl> 2012-08-15 11:20:40 +0200
committer: Aleksander Machniak <alec@alec.pl> 2012-08-15 11:20:40 +0200
commit: c086978f6a91eacb339fd2976202fca9dad2ef32 (patch)
tree: 080698891e4e4cfd1e42ae7fc2efff4f11dfc062 /CHANGELOG
parent: 5ef8e4ad9d3ee8689d2b83750aa65395b7cd59ee (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 932680645..37170fc65 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,7 +1,8 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
-- Fix XSS issue with href="javascript:" not being removed (#1488613)
+- Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613)
+- Fix XSS issue where href="javascript:" wasn't secured (#1488613)
 - Fix impossible to create message with empty plain text part (#1488610)
 - Fix stripped apostrophes when replying in plain text to HTML message (#1488606)
 - Fix inactive Save search option after advanced search (#1488607)
author	Aleksander Machniak <alec@alec.pl>	2012-08-15 11:20:40 +0200
committer	Aleksander Machniak <alec@alec.pl>	2012-08-15 11:20:40 +0200
commit	c086978f6a91eacb339fd2976202fca9dad2ef32 (patch)
tree	080698891e4e4cfd1e42ae7fc2efff4f11dfc062 /CHANGELOG
parent	5ef8e4ad9d3ee8689d2b83750aa65395b7cd59ee (diff)