AVG-199 log

Package roundcubemail
Status Fixed
Severity Medium
Type cross-site scripting
Affected 1.2.3-1
Fixed 1.2.4-1
Current 1.5.1-1 [community]
Ticket None
Created Sun Mar 12 17:48:03 2017
Issue Severity Remote Type Description
CVE-2017-6820 Medium Yes Cross-site scripting
It has been discovered that rcube_utils.php in Roundcube before 1.1.8 and before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted...
Date Advisory Package Type
14 Mar 2017 ASA-201703-10 roundcubemail cross-site scripting
Fixed as per CVE description.