From 7d14065baa6c51346e0ec0253c06ac822f082278 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 06 May 2016 02:30:17 -0400
Subject: [PATCH] Fix XSS issue in href attribute on area tag (#5240, #5241)

---
 program/lib/Roundcube/rcube_washtml.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index 54c1cd8..6535e3b 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -370,7 +370,7 @@
      */
     private function is_link_attribute($tag, $attr)
     {
-        return $tag == 'a' && $attr == 'href';
+        return ($tag == 'a' || $tag == 'area') && $attr == 'href';
     }
 
     /**

--
Gitblit v1.9.1