We just published a security update to the LTS version 1.4 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerability:
See the full changelog in the release notes in the release notes on the Github download page.
We strongly recommend to update all productive installations of Roundcube 1.4.x with this new version.
sudo dnf upgrade --refresh --advisory=FEDORA-2022-95d576ed06
Please login to add feedback.