RSS   Vulnerabilities for 'Poste.io'   RSS

2019-06-24
 
CVE-2019-12938

 

 
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.

 


Copyright 2021, cxsecurity.com

 

Back to Top