Thomascube

**Name of the Vulnerable Software and Affected Versions** Roundcube Webmail versions prior to 1.1.5 **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests that download attachments, potentially causing a denial of service due to disk consumption. **Recommendations** For versions prior to 1.1.5, update to version 1.1.5 or later to resolve the issue.