From ${URL} : Fix XSS issue in style attribute handling (#1490227) @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Setting Dependency on Bug #534766 for cleanup No GLSA for Cross Site Scripting.
CVE-2015-1433 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1433): program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute in an email.
Maintainer(s), Thank you for cleanup! Closing noglsa.