Horde webmail multiple vulnerabilities

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,273
313
Houston
Hello,


1. The link you provided was dead, it looks like it redirects to https but they are having an issue with SSL right now.​
Screenshot at Mar 17 12-39-00.png


2. Please do not add 3rd party links of any kind here see Forums Guidelines and FAQ
3. The only vulnerability I'm aware of that affected horde was CVE-2019-9858 which we patched with CPANEL-28095 which was fixed with version 82 of cPanel & WHM. You can see this referenced in the change logs here: 82 Change Log | cPanel & WHM Documentation
 

nickgr67

Member
Mar 8, 2019
16
3
3
Greece
cPanel Access Level
Root Administrator
Sorry, i was not aware about the link restriction

You can search google for "horde webmail exploit" and filter last week results

It is posted an many security related web sites like packetstormsecurity and may others
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,273
313
Houston
Hello,

You can search google for "horde webmail exploit" and filter last week results

That's exactly what I did and found CVE-2019-9858 - which seemed to be the only one that was relevant and this was patched.
 

nickgr67

Member
Mar 8, 2019
16
3
3
Greece
cPanel Access Level
Root Administrator
Hello


Since links are not allowed, please see attached image

It is about Horde Groupware Webmail Edition 5.2.22 , the current cpanel version, and posts are one week old



hordewebmail.png
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,273
313
Houston
RIght, I too can google. But the vulnerability I found previously was ALL related to the same one, which I linked to you. There is a new one which is from 3-14 CVE-2020-8518 which has also been patched per CPANEL-31944

Next time you'vee got a question of this nature, I'd advise you to provide the ACTUAL CVE number rather than your google search.