Roundcube: >> Webmail >> 0.2.3 Security Vulnerabilities
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.
CVSS Score
10.0
EPSS Score
0.777
Published
2008-12-17