Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

User bypassing disabled features?

Discussion in 'User Experience' started by esaesa, Nov 25, 2017.

Tags:
  1. esaesa

    esaesa Member

    Joined:
    Mar 6, 2014
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi
    In feature manager i disabled the feature of "Email Filters". now it is not exist in the menu of webmail. but when the logged in user change the url
    ........../webmail/paper_lantern/index.html
    to
    ........./webmail/paper_lantern/mail/filters/editfilter.html?account=&filtername=

    he can access to the feature gui.

    Is is a security issue?
     
  2. cPanelJackson

    cPanelJackson Release Manager
    Staff Member

    Joined:
    Aug 12, 2010
    Messages:
    40
    Likes Received:
    11
    Trophy Points:
    133
    cPanel Access Level:
    Root Administrator
    Hi there,

    I have opened CPANEL-17107 to address this issue, and you should see it mentioned in our changelogs once a fix is available. In the future, potential security issues should be reported to security@cpanel.net.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice