Undergoing Analysis
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary.
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.