Roundcube · Roundcube · CVE-2021-44025
Name of the Vulnerable Software and Affected Versions:
Roundcube versions prior to 1.3.17
Roundcube versions 1.4.x prior to 1.4.12
Description:
The issue is related to XSS in handling an attachment's filename extension when displaying a MIME type warning message.
Recommendations:
For versions prior to 1.3.17, update to version 1.3.17 or later.
For versions 1.4.x prior to 1.4.12, update to version 1.4.12 or later.