Roundcubemail官网安全更新(2023-10-16)

情报来源:TSRC

发布时间:2023-10-16

返回
基本信息
  • 发布日期2023-10-16
  • 感知时间2023-10-16
  • 漏洞类型安全更新
  • 风险等级未知
  • 更新版本1.6.4
  • 情报贡献TSRC
更新标题

安全更新

更新详情

This is a security update to the stable version 1.6 of Roundcube Webmail.<br/>It provides a fix to a recently reported XSS vulnerability:<br/><br/>- Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168) reported separately by Matthieu Faou (ESET) and Denys Klymenko.<br/><br/>This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!<br/><br/>## CHANGELOG<br/><br/>- Fix PHP8 warnings (#9142, #9160)<br/>- Fix default &amp;#039;mime.types&amp;#039; path on Windows (#9113)<br/>- Managesieve: Fix javascript error when relational or spamtest extension is not enabled (#9139)<br/>- Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)

软件描述

暂无

CVE编号

暂无

Knowsafe分析

暂无

业界资讯

暂无

来源链接

https://github.com/roundcube/roundcubemail/releases/tag/1.6.4

在线咨询
AiDeep Ued

Copyright © 2015 KnowSafe All rights reserved.

公司地址:成都市高新区天府大道北段1700号

业务邮箱:Sales@knowsafe.com

资产安全
DeepEye(深瞳)
Hades(漏洞扫描)
xSRC
威胁情报
商业安全
iTrust联合信任
SSL证书
安全服务
安全测试
应急响应
代码审计
安全加固
安全培训
关于我们
公司简介
联系我们
白帽入驻
合作伙伴
品牌规范
关注我们
微信扫码关注公众号
蜀ICP备15025492号 川公网安备 51019002000540号
iTrust