FAIL › dossier
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2023-06-22 | CVE-2020-12641 | high | ⚡RCE ⌖KEV | 65 | Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. |
| 2023-06-22 | CVE-2021-44026 | high | ⌖KEV | 50 | Roundcube Webmail is vulnerable to SQL injection via search or search_params. |
| 2023-06-22 | CVE-2020-35730 | high | ⌖KEV | 50 | Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-mail message with Javascript in a link reference element that is mishandled by linkref_addinindex in rcube_string_replacer.php. |
| 2021-11-03 | CVE-2017-16651 | high | ⌖KEV | 50 | Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default. |