Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. Date published : 2021-11-18 https://bugs.debi