This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for roundcubemail fixes the following issues :
- A maliciously crafted email could cause untrusted code
to be executed (cross site scripting using $lt;area
- Avoid HTML styles that could cause potential click
- A maliciously crafted FROM value could cause extra
parameters to be passed to the sendmail command
- Avoid sending completely empty text parts for
- Don't create multipart/alternative messages with empty
- Improved validation of FROM argument when sending mails
See also :
Update the affected roundcubemail package.
Risk factor :