An issue that affects the Roundcube webmail application has been fixed

Apr 5, 2013 13:03 GMT  ·  By

cPanel has released security updates for all supported versions of cPanel & WHM to address a vulnerability that impacts the Roundcube webmail application. 

The security hole could have been exploited by a local unauthenticated user to gain access to sensitive information from other accounts on the system.

The vulnerability has been catalogued as “Important,” which indicates the fact that it can be leveraged to compromise system authentication levels.

Versions 11.36.0.20, 11.34.1.13 and 11.32.6.4 are impacted by the flaw.

Users are advised to apply the updates as soon as possible. Customers who have configured cPanel & WHM servers to update automatically don’t have to do anything.

Those who have disabled automatic updates will have to manually install the new releases.

The latest updates can be downloaded from here.