• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Horde/Kronolyth Security Issue! (all calendars shared)

D

dennis00

Guest
I just had a ticket from one of my clients, he is able to see the calendar of another domain!

After some research I found out that more than 60 clients are able to view his calendar!

SQL view:
sharefiles.jpg

(There was a list of e-mail addresses at the last, but I left them out for privacy reasons.

This should never have been able to have happened!! How do I prevent his calendar to be shared?
 
I have no problems with hackers or remote exploiting. My problem is that 60 of my clients see the contents of another client's calendar in Horde/Kronolyth.

I updated Kronolyth to 2.1.8, this did not resolve the issue. I might try to manually remove some rows for display_cals in MySQL.
 
You must log in or register to reply here.

Similar threads

N
Issue Restrictive administrator can see everything
Replies
14
Views
4K
Change Maker
C
C
Question Strange SNI (?) issue related to IPv6 (?)
Replies
2
Views
3K
Carbon Dioxide
C
C
Issue DKIM and SPF do not align with RFC5322. Then DMARC result is fail.
Replies
2
Views
4K
cmartinez127
C
PeopleInside
Issue with Google Drive Backup
Replies
7
Views
5K
PeopleInside
PeopleInside
J
Issue Unable to Access Webmail through Plesk after service changed hands.
Replies
3
Views
5K
Peter Debik
P
Back
Top