Vulnerabilities (CVE)

Filtered by vendor Analogic Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12938 1 Analogic 1 Poste.io 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.