Plesk for Linux
kb: technical
Applicable to:
- Plesk for Linux
Situation
Vulnerabilities CVE-2021-44025 and CVE-2021-44026 were discovered in Roundcube.
Impact
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params
.
Call to Action
The vulnerability was fixed and shipped in Plesk Obsidian 18.0.40 #1. Consider updating the Plesk server as per the following article.
Comments
0 comments
Please sign in to leave a comment.