CVE-2020-12641

Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. Vendor/Product: Roundcube Roundcube Webmail. Added to CISA KEV 2023-06-22; required action: Apply updates per vendor instructions.