From 4312dc4efecb9553fcacfab0ab9d9ee6e88477e7 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak
Date: Sun, 26 Apr 2020 07:59:47 +0200
Subject: [PATCH] Fix XSS issue in handling of CDATA in HTML messages

---
 program/lib/Roundcube/rcube_washtml.php | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index 955b1d4e5..8bd885a07 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -472,9 +472,6 @@ class rcube_washtml
 break;

 case XML_CDATA_SECTION_NODE:
- $dump .= $node->nodeValue;
- break;
-
 case XML_TEXT_NODE:
 $dump .= htmlspecialchars($node->nodeValue);
 break;
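Review bot: The stacked labels `case XML_CDATA_SECTION_NODE:` and `case XML_TEXT_NODE:` now depend on an uncommented fall-through to get CDATA content escaped, and nothing on the new side tells a later maintainer that this is the security-relevant part of the switch. I would add a comment above the two labels, for example `// CDATA content comes from the untrusted message: escape it exactly like a text node, never emit it raw`. The diffstat lists only rcube_washtml.php, so no regression test accompanies the fix; a washer test that feeds a CDATA section containing markup and asserts the output is entity-encoded would guard against the raw branch being reintroduced. The enclosing switch and its method begin and end outside the hunk, so other node types that may append `nodeValue` unescaped cannot be checked from here.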