Since I run a big hosting company and I've been tinkering with roundcube, I noticed that you can actually access all the email accounts from other hosting accounts of a single server running on the same IP.
It can be positive as I can ask clients to access their email on a single roundcube install, therefore they dont need to go into their own cpanel or access their own horde or squirel.
It can be negative as one vulnerability can affect others not only from my own reseller account clients but from the whole server.
And I am still worried of the unresolved security issue I read somewhere. Has this been fixed?
Doesnt this have to do with you own IMAP set-up? and it's security?
I can also understand that you log on using admin rights - hence having more access than other users.