• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Horde/Kronolyth Security Issue! (all calendars shared)

D

dennis00

Guest
I just had a ticket from one of my clients, he is able to see the calendar of another domain!

After some research I found out that more than 60 clients are able to view his calendar!

SQL view:
sharefiles.jpg

(There was a list of e-mail addresses at the last, but I left them out for privacy reasons.

This should never have been able to have happened!! How do I prevent his calendar to be shared?
 
I have no problems with hackers or remote exploiting. My problem is that 60 of my clients see the contents of another client's calendar in Horde/Kronolyth.

I updated Kronolyth to 2.1.8, this did not resolve the issue. I might try to manually remove some rows for display_cals in MySQL.
 
You must log in or register to reply here.

Similar threads

N
Issue Restrictive administrator can see everything
Replies
14
Views
3K
Change Maker
C
C
Question Strange SNI (?) issue related to IPv6 (?)
Replies
2
Views
2K
Carbon Dioxide
C
C
Issue DKIM and SPF do not align with RFC5322. Then DMARC result is fail.
Replies
2
Views
3K
cmartinez127
C
PeopleInside
Issue with Google Drive Backup
Replies
7
Views
4K
PeopleInside
PeopleInside
J
Issue Unable to Access Webmail through Plesk after service changed hands.
Replies
3
Views
4K
Peter Debik
P
Back
Top