CVE-2018-17542

2019-02-11T20:29:00
ID CVE-2018-17542
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:36:00

Description

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.