Vulnerability in Horde – RCE vulnerability
CVE-2022-30287, an RCE vulnerability, has reportedly been discovered in Horde.
The zero-day cross-site scripting (XSS) vulnerability in the Horde webmail client, tracked as CVE-2022-30287, allows an authenticated user to execute arbitrary code on the underlying server. The vulnerability exists in the default configuration and can be exploited without knowledge of the configuration of the targeted Horde instance.
The security flaw can give an attacker access to all information a victim has stored in their email account and could allow them to gain further access to the internal services of an organization.
Workaround
The cPanel development team is actively working on a resolution for this issue. Until a fix is published, we recommend that our clients disable Horde using the method below.
Sign in to WHM as the root user >> Tweak Settings >> Mail >> Enable Horde Webmail (Off)
If you need assistance with this change, see our cPanel Server Management service for more details. Our team is available 24×7 for assistance.