From 5ef8e4ad9d3ee8689d2b83750aa65395b7cd59ee Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 15 Aug 2012 10:12:18 +0200
Subject: Fix XSS issue with href="javascript:" not being removed (#1488613)

---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

(limited to 'CHANGELOG')

diff --git a/CHANGELOG b/CHANGELOG
index 4e2b22a4a..932680645 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix XSS issue with href="javascript:" not being removed (#1488613)
 - Fix impossible to create message with empty plain text part (#1488610)
 - Fix stripped apostrophes when replying in plain text to HTML message (#1488606)
 - Fix inactive Save search option after advanced search (#1488607)
-- 
cgit v1.2.3