273 matches found
CVE-2023-2228 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...
modoboa 跨站请求伪造漏洞
modoboa is an email hosting and management platform for individual developers. A cross-site request forgery vulnerability exists in modoboa versions prior to 2.1.0, which stems from /admin/accounts/id/edit/?activetab=default does not adequately validate that the request is from a trusted user. An...
CVE-2023-2227
Modoboa
CVE-2023-2228
CVE-2023-2228 affects modoboa/modoboa prior to 2.1.0. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in /admin/accounts/{id}/edit/?active_tab=default, stemming from insufficient request validation. Exploitation requires an authenticated admin user, potentially enabling changes to ...
CVE-2023-2228 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...
CVE-2023-2227 Improper Authorization in modoboa/modoboa
Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...
CVE-2023-2227 Improper Authorization in modoboa/modoboa
Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0...
modoboa-automua (=1.0.0) potentially affected by CVE-2023-2160 via modoboa (=1.17.0)
modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-2160 Source advisory: OSV:GHSA-9GXX-32P7-FF7M...
GHSA-9GXX-32P7-FF7M Modoboa has Weak Password Requirements
Modoboa 2.0.5 and prior allows users to set unsafe passwords, such as 1 or HACK. This issue is fixed in commit 130257c96a2392ada795785a91178e656e27015c and is part of version 2.1.0...
Modoboa has Weak Password Requirements
Modoboa 2.0.5 and prior allows users to set unsafe passwords, such as 1 or HACK. This issue is fixed in commit 130257c96a2392ada795785a91178e656e27015c and is part of version 2.1.0...
CVE-2023-2160
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...
modoboa-automua (=1.0.0) potentially affected by CVE-2023-2160 via modoboa (=1.17.0)
modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-2160 Source advisory: OSV:PYSEC-2023-34...
PYSEC-2023-34
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...
PYSEC-2023-34
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...
modoboa 安全漏洞
modoboa is an email hosting and management platform for individual developers. A security vulnerability exists in modoboa versions prior to 2.1.0, which can be exploited to bypass a strong password policy by removing specific parameters and setting the password to 1...
CVE-2023-2160 Weak Password Requirements in modoboa/modoboa
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...
PT-2023-18286 · Modoboa · Modoboa
Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.1.0 Description: The issue is related to weak password requirements in the modoboa/modoboa GitHub repository. Users can set unsafe passwords, such as 1 or HACK. This issue is fixed in version 2.1.0...
CVE-2023-2160
The CVE pertains to modoboa/modoboa with weak password requirements prior to version 2.1.0. Several connected sources confirm that users could set unsafe passwords (e.g., 1, HACK) due to weak password policy, and that this was fixed in commit 130257c96a2392ada795785a91178e656e27015c and is addres...
CVE-2023-2160 Weak Password Requirements in modoboa/modoboa
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...
CVE-2023-2160 Weak Password Requirements in modoboa/modoboa
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0...