githubFork/roundcubemail.git

Roundcubemail devel

parent: 9ba0fb96 | patch | commit | ignore whitespace

Fix XSS issue in addressbook group name field [CVE-2013-5646] (#1489333)

Aleksander Machniak

2013-09-14 2e30b24dbf3aebf4d201bc922eb7b7bc8ab8f4fd

Fix XSS issue in addressbook group name field [CVE-2013-5646] (#1489333)

2 files modified

	CHANGELOG	1 ●●●●● patch \| view \| raw \| blame \| history
	program/js/app.js	2 ●●●●● patch \| view \| raw \| blame \| history

 CHANGELOG

@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================

- Fix XSS issue in addressbook group name field [CVE-2013-5646] (#1489333)
- Fix attachment icon issue when rare font/language is used (#1489326)
- After message is sent refresh messages list of replied message folder (#1489249)
- Add option force specified domain in user login - username_domain_forced (#1489264)

 program/js/app.js

@@ -4345,7 +4345,7 @@
        boxtitle.append('&nbsp;&raquo;&nbsp;');
      }

      boxtitle.append($('<span>'+prop.name+'</span>'));
      boxtitle.append($('<span>').text(prop.name));
    }

    this.triggerEvent('groupupdate', prop);

			@@ -1,6 +1,7 @@
			CHANGELOG Roundcube Webmail
			===========================

			- Fix XSS issue in addressbook group name field [CVE-2013-5646] (#1489333)
			- Fix attachment icon issue when rare font/language is used (#1489326)
			- After message is sent refresh messages list of replied message folder (#1489249)
			- Add option force specified domain in user login - username_domain_forced (#1489264)

			@@ -4345,7 +4345,7 @@
			boxtitle.append(' » ');
			}

			boxtitle.append($('<span>'+prop.name+'</span>'));
			boxtitle.append($('<span>').text(prop.name));
			}

			this.triggerEvent('groupupdate', prop);