Improper Authorization in modoboa

In modoboa prior to 2.1.0, sending a GET request to the endpoint /api/v2/parameters/core/ returns sensitive information without any authentication or authorization...

GHSA-67MG-GM8M-PH5R Improper Authorization in modoboa

In modoboa prior to 2.1.0, sending a GET request to the endpoint /api/v2/parameters/core/ returns sensitive information without any authentication or authorization...

CVE-2023-2228

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

CVE-2023-2227

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

modoboa-automua (=1.0.0) potentially affected by CVE-2023-2228 via modoboa (=1.17.0)

modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-2228 Source advisory: OSV:PYSEC-2023-36...

modoboa-automua (=1.0.0) potentially affected by CVE-2023-2227 via modoboa (=1.17.0)

modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-2227 Source advisory: OSV:PYSEC-2023-35...

Authorization

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

PYSEC-2023-36

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

PYSEC-2023-35

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

PYSEC-2023-36

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

PYSEC-2023-35

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

CVE-2023-2227 Improper Authorization in modoboa/modoboa

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

CVE-2023-2228 Cross-Site Request Forgery (CSRF) in modoboa/modoboa

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

modoboa 授权问题漏洞

modoboa is an email hosting and management platform for individual developers. An information disclosure vulnerability exists in modoboa versions prior to 2.1.0, which originates when /api/v2/parameters/core/ returns sensitive information without any authentication or authorization. An attacker c...

CVE-2023-2228 Cross-Site Request Forgery (CSRF) in modoboa/modoboa

Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...

PT-2023-18393 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa versions prior to 2.1.0 Description: The issue is related to Cross-Site Request Forgery CSRF in the modoboa repository. An attacker must be logged in as an admin to exploit this issue. Recommendations: For versions prior to 2.1.0,...

PT-2023-18388 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.1.0 Description: The issue is related to improper authorization in the modoboa/modoboa GitHub repository. Specifically, sending a GET request to the endpoint "/api/v2/parameters/core/" returns sensitive...

CVE-2023-2227 Improper Authorization in modoboa/modoboa

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...

CVE-2023-2227

Modoboa