Product
Multiple vulnerabilities, including Server-Side Request Forgery (SSRF), Cross-Site Scripting (XSS), and Denial of Service (DoS), have been discovered in Roundcube Webmail versions 1.6.x prior to 1.6.17 and 1.7.x prior to 1.7.2, allowing remote attackers to impact service availability and potentially execute malicious code or access internal resources.