Medium severity4.3NVD Advisory· Published Jun 24, 2019· Updated Jun 17, 2026
CVE-2019-12938
CVE-2019-12938
Description
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Analogic/Poste.iodescription
Patches
Vulnerability mechanics
References
2- bitbucket.org/analogic/mailserver/issues/665/posteio-logs-leaknvdExploitIssue TrackingThird Party Advisory
- poste.io/changelognvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.