Roundcube Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2021-44026 - Vulnerability Database

Roundcube Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2021-44026

Critical
Reference: CVE-2021-44026
Title: Roundcube Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.