[SOGo] Security issue #6092 needs review (email account information leak)

Victor Rubiela Fri, 07 Nov 2025 00:22:57 -0800

Yes I confirm this issue on 5.12.4. Temporary for prevent this leak wedisable search with apache conf:


# Disable searching /SOGo/so/.../usersSearch?search=...
<LocationMatch "^/SOGo/so/[^/]+/usersSearch$">
    RewriteCond %{ENV:break} ^$
    RedirectMatch 200 "^/SOGo/so/[^/]+/usersSearch$"
</LocationMatch>

[SOGo] Security issue #6092 needs review (email account information leak)

Reply via email to