This indicates the detection of an attack attempt against a cross-site request forgery (CSRF) vulnerability in Roundcube Webmail.
The vulnerability is due to insufficient sanitizing of HTTP requests on the application. A remote attacker can exploit this to hijack user authentication requests.
Roundcube webmail version 1.1.4 and before.
Information Spoofing: Remote attackers can spoof data of vulnerable systems.
Upgrade to the latest version available from