Release overview
Release Date: 28 January 2015
Release Versions: On-Premises v7.5.3.2
⚠ Please Note:
Version 7.5.3.2 contains security fixes for the atmail 7.5.3 release. For full details on the atmail 7.5.3 release, please review the 7.5.3 and 7.5.3.1 changelogs.
Defect Fixes
Security Fix
|
Component/s Impacted
|
Impact Category
|
Issue Outline
|
Impact Description / New User Experience
|
User/s Impacted
|
|---|---|---|---|---|
|
Email, Message View, Web User Interface
|
Security
|
Stored XSS in received email. A user can be exploited by simply opening an email they have received that contains maliciously crafted content.
|
Code execution can occur on unescaped event handlers for SVG elements.
|
End users who use the webmail interface.
|
Comments