XSS in handling an attachment’s filename extension when displaying a MIME type warning message (CVE-2021-44025). Potential SQL injection via search or search_params (CVE-2021-44026).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | roundcubemail | < 1.5.2-1 | roundcubemail-1.5.2-1.mga8 |