Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25257
HistoryMay 10, 2020 - 11:22 p.m.

Unauthorized Access

2020-05-1023:22:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

EPSS

0.015

Percentile

86.9%

Roundcube Webmail is vulnerable to unauthorized access. An attacker can access arbitrary files on the host’s filesystem, including configuration files due to a flaw related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.