Description
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
Remediation
References
Related Vulnerabilities
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35626)
Squid Improper Input Validation Vulnerability (CVE-2016-2570)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.4)
WordPress 5.3.x PHP Object Injection (5.3 - 5.3.7)
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586)