Description Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. Remediation References CVE-2021-44026 Related Vulnerabilities Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0093) WordPress Plugin Booking Calendar Cross-Site Scripting (7.1) PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1915) WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Cross-Site Scripting Vulnerabilities (1.9.8) SharePoint CVE-2020-1446 Vulnerability (CVE-2020-1446) Severity Critical Classification CVE-2021-44026 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities