From b782815dacda55eee6793249b5da1789256206fc Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 30 May 2015 11:37:06 -0400
Subject: [PATCH] Fix XSS vulnerability in _mbox argument handling (#1490417)

---
 program/include/rcmail_output.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/program/include/rcmail_output.php b/program/include/rcmail_output.php
index 0f7aaf9..76ff4e7 100644
--- a/program/include/rcmail_output.php
+++ b/program/include/rcmail_output.php
@@ -28,6 +28,7 @@
 abstract class rcmail_output extends rcube_output
 {
     const JS_OBJECT_NAME = 'rcmail';
+    const BLANK_GIF      = 'R0lGODlhDwAPAIAAAMDAwAAAACH5BAEAAAAALAAAAAAPAA8AQAINhI+py+0Po5y02otnAQA7';
 
     public $type = 'html';
     public $ajax_call = false;

--
Gitblit v1.9.1