2 matches found
openSUSE Security Update : roundcubemail (openSUSE-2016-1205)
This update for roundcubemail to 1.1.6 fixes several issues boo1001856. These security issues were fixed : - Fix XSS issue in href attribute on area tag - Wash position:fixed style in HTML mail for better security These non-security issues were fixed : - Searching in both contacts and groups when...
py-djblets -- Self-XSS vulnerability
Djblets Release Notes reports: A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious code in a column sorting value. If the user visits that URL and then clicks that column, the code will execute. The cause of...