CVE-2017-16651

Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with file-based attachment plugins, which are used by default. Vendor/Product: Roundcube Roundcube Webmail. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.