2 matches found
IPCop 安全漏洞
IPCop is a firewall software from IPCop Open Source. A security vulnerability exists in IPCop 2.1.9 and earlier versions that stems from the email configuration component not properly cleaning up user input, which could lead to remote code execution...
Improper handling of email input
Impact An attacker can pass a compromised input to the e-mail signin endpoint that contains some malicious HTML, tricking the e-mail server to send it to the user, so they can perform a phishing attack. Eg.: [email protected], Before signing in, claim your money!. This was previously sent to...