mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
References
Link | Resource |
---|---|
https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd | Issue Tracking Patch |
https://www.exploit-db.com/exploits/42004/ | Exploit Third Party Advisory VDB Entry |
https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd | Issue Tracking Patch |
https://www.exploit-db.com/exploits/42004/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:34
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/mailcow/mailcow-dockerized/pull/268/commits/3c937f75ba5853ada175542d5c4849fb95eb64cd - Issue Tracking, Patch | |
References | () https://www.exploit-db.com/exploits/42004/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2017-05-14 22:29
Updated : 2024-11-21 03:34
NVD link : CVE-2017-8928
Mitre link : CVE-2017-8928
CVE.ORG link : CVE-2017-8928
JSON object : View
Products Affected
mailcow
- mailcow\
CWE
CWE-352
Cross-Site Request Forgery (CSRF)