Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Mageia: 2021-0130 Moderate XSS Threat in Roundcube Email Client

mageia
Calendar Grey March 11, 2021
Dist Mageia Esm H88
Mageia 2021-0130 addresses a vulnerability in roundcubemail, improving defenses against cross-site scripting and bolstering overall system integrity.
This update fixes cross-site scripting (XSS) via HTML messages with malicious CSS content (CVE-2021-26925)

Summary

This update fixes cross-site scripting (XSS) via HTML messages with malicious CSS content (CVE-2021-26925).

References

- https://bugs.mageia.org/show_bug.cgi?id=28387

- https://roundcube.net/news/2021/02/08/security-update-1.4.11

- https://www.cve.org/CVERecord?id=CVE-2021-26925

Topics%20covered

Topics Covered

security advisory moderate update XSS xss malicious content roundcubemail Mageia mageia css exploit

Resolution

SRPMS

- 7/core/roundcubemail-1.4.11-1.mga7

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 12 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0130.html
Type: security
CVE: CVE-2021-26925

Topics%20covered

Topics Covered

security advisory moderate update XSS xss malicious content roundcubemail Mageia mageia css exploit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here