| Description: | It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitise the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing random file access, manipulated SQL queries and even code execution. |