Articles in this section

How to train SpamAssassin on Plesk server?
How to exclude a domain from DMARC check in Plesk for Linux
SpamAssassin rules can't be updated on CentOS 7 server with Plesk: config: SpamAssassin failed to parse line, is not valid for "util_rb_3tld"
Is Roundcube 1.4 secured against CVE-2026-25916 and CVE-2026-26079 in Plesk?
Integrating SmarterMail 100.0.9560 with Plesk fails: Login failure: Missing auth
Dovecot IMAP crashes on a Plesk server with Ubuntu 24.04: Panic: file imap-sieve-storage.c: line 216 (imap_sieve_add_mailbox_event): assertion failed
Unable to start Amavis: ERROR: MISSING REQUIRED ADDITIONAL MODULES: DBD::MariaDB
Unable to send or receive email with Plesk Email Security extension installed
It is not possible to receive messages coming from a specific domain to a specific mailbox on a Linux Plesk server. What can be checked?
How to configure Apache Solr search for Dovecot?
See more

CVE-2022-30287: Vulnerability in Horde

Samuel Figueredo

Updated January 13, 2026 19:08

Plesk for Windows Plesk for Linux kb: technical

Applicable to:

Plesk for Linux
Plesk for Windows

Situation

CVE-2022-30287 vulnerability was discovered in Horde.

Impact

The discovered code vulnerability allows an authenticated user of a Horde instance to execute arbitrary code on the underlying server.

Call to action

The vulnerability was fixed in Horde Turba version 4.2.27 and shipped in Plesk Obsidian 18.0.44 #3. Consider updating the Plesk server as per the following article.

Comments

0 comments

Please sign in to leave a comment.