MGASA-2020-0481 - Updated roundcubemail package fixes security vulnerability Publication date: 29 Dec 2020 URL: https://advisories.mageia.org/MGASA-2020-0481.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-35730 Fixes stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content. (CVE-2020-35730). References: - https://bugs.mageia.org/show_bug.cgi?id=27957 - https://github.com/roundcube/roundcubemail/releases/tag/1.3.16 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730 SRPMS: - 7/core/roundcubemail-1.3.16-1.mga7