PT-2018-19292 — Courier+4 Courier-Imap+4

PT-2018-19292 · Courier+4 · Courier-Imap+4

Published

2018-11-21

Updated

2018-11-21

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Roundcube Webmail version 1.3

Description A security issue has been reported in Roundcube Webmail, related to the handling of invalid style tag content, which can lead to an XSS issue. This release also includes fixes for several bugs and updates for compatibility with PHP 7.3 and recent versions of Courier-IMAP, Dovecot, and MySQL 8.

Recommendations For Roundcube Webmail version 1.3, update to the latest service release to fix the security issue and apply the other fixes and compatibility updates.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

MGASA-2018-0463

Affected Products

Courier-Imap

Dovecot

Mysql Server

Php

Roundcube Webmail