diff options
| author | Aleksander Machniak <alec@alec.pl> | 2012-08-15 11:20:40 +0200 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2012-08-15 11:21:49 +0200 |
| commit | 14c4677eede6263f26b8830917ec6e74409b80c4 (patch) | |
| tree | 3fd6ee4bb0b197a2fa75f956472394a8ad48dfc1 /CHANGELOG | |
| parent | b3206b4b2822b8c9d18c4730aa1afdf72a758f8c (diff) | |
Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613)
Diffstat (limited to 'CHANGELOG')
| -rw-r--r-- | CHANGELOG | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,7 +1,8 @@ CHANGELOG Roundcube Webmail =========================== -- Fix XSS issue with href="javascript:" not being removed (#1488613) +- Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613) +- Fix XSS issue where href="javascript:" wasn't secured (#1488613) - Fix impossible to create message with empty plain text part (#1488610) - Fix stripped apostrophes when replying in plain text to HTML message (#1488606) - Fix inactive Save search option after advanced search (#1488607) |