Horde Webmail Vulnerability – Incident details

Started

June 10, 2022 at 4:07 AM

Status

Resolved after about 1 month

Impact

Operational

Affected

Cloud Web Hosting

Cloud Reseller Hosting

Cloud WordPress Hosting

Resolved
July 18, 2022 at 7:44 AM
Resolved
July 18, 2022 at 7:44 AM
The vulnerability has been patched. Horde Webmail is now enabled and can be accessed using webmail.
Identified
June 10, 2022 at 4:07 AM
Identified
June 10, 2022 at 4:07 AM
An RCE vulnerability was recently discovered in horde, which can be exploited with the only requirement being that the victim opens a malicious email.

Horde Webmail has been currently disabled until a patch is released.

Please note, you can still access webmail using Roundcube.