View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006047 | SOGo | Backend General | public | 2024-10-11 12:16 | 2024-10-11 15:50 |
Reporter | qhivert | Assigned To | qhivert | ||
Priority | immediate | Severity | major | Reproducibility | always |
Status | assigned | Resolution | open | ||
Product Version | 5.11.1 | ||||
Summary | 0006047: CRITICAL SECURITY error with 5.11.1 and parameter SOGoForbidUnknownDomainsAuth | ||||
Description | The 5.11.1 introduce a new parameter SOGoForbidUnknownDomainsAuth, by default set at NO. DO NOT SET THIS PARAMETER TO YES as it introduces a critical security error allowing your user to authenticate to the webmail with any password. The mail with not works as the imap is not the correct one. But calendars and contacts will work. Letting this parameter unset, or set at NO is OK. Alinto's working on a fix and new release as soon as possible. | ||||
Tags | No tags attached. | ||||