User bypassing disabled features?

E

esaesa

Member
Mar 6, 2014
17
3
53
Egypt
cPanel Access Level
Root Administrator
Hi
In feature manager i disabled the feature of "Email Filters". now it is not exist in the menu of webmail. but when the logged in user change the url
........../webmail/paper_lantern/index.html
to
........./webmail/paper_lantern/mail/filters/editfilter.html?account=&filtername=

he can access to the feature gui.

Is is a security issue?
 
cPanelJackson

cPanelJackson

Release Manager
Staff member
Aug 12, 2010
42
11
133
cPanel Access Level
Root Administrator
Hi there,

I have opened CPANEL-17107 to address this issue, and you should see it mentioned in our changelogs once a fix is available. In the future, potential security issues should be reported to [email protected].


Thanks!
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
W Why we need to click "Go back" instead of auto redirect after creating/deleting database, database user, sub-domain etc? User Experience 2
R Can't login to my C Panel server hosting. Wrong user or password. How to reset? User Experience 6
G Where/how to change the webmail theme/interface my endusers see User Experience 1
A Error while trying to access user cPanel page User Experience 3
Rogerio Error when Reseller changes Current User in cPanel Account User Experience 13
Similar threads
Why we need to click "Go back" instead of auto redirect after creating/deleting database, database user, sub-domain etc?
Can't login to my C Panel server hosting. Wrong user or password. How to reset?
Where/how to change the webmail theme/interface my endusers see
Error while trying to access user cPanel page
Error when Reseller changes Current User in cPanel Account
Top Bottom