From b3206b4b2822b8c9d18c4730aa1afdf72a758f8c Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 15 Aug 2012 04:13:17 -0400
Subject: [PATCH] Fix XSS issue with href="javascript:" not being removed (#1488613)

---
 CHANGELOG |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 64d3967..ba1ab48 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix XSS issue with href="javascript:" not being removed (#1488613)
 - Fix impossible to create message with empty plain text part (#1488610)
 - Fix stripped apostrophes when replying in plain text to HTML message (#1488606)
 - Fix inactive Save search option after advanced search (#1488607)

--
Gitblit v1.9.1