---

ASA-202506-1 - log back

ASA-202506-1 edited at 13 Jun 2025 20:33:29

ASA-202506-1 edited at 04 Jun 2025 19:27:57
Impact	- A remote attacker with access to an authenticated Roundcube session can exploit improper validation of the _from parameter to trigger PHP object deserialization, leading to arbitrary code execution. + A remote attacker with access to an authenticated Roundcube session can exploit a vulnerability leading to arbitrary code execution.

ASA-202506-1 edited at 04 Jun 2025 19:27:13
Impact	+ A remote attacker with access to an authenticated Roundcube session can exploit improper validation of the _from parameter to trigger PHP object deserialization, leading to arbitrary code execution.

ASA-202506-1 created at 04 Jun 2025 19:23:10