8.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.2%
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password.
www.securityfocus.com/bid/96387
github.com/roundcube/roundcubemail/issues/4757