CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

270 matches found

Veracode•added 2023/03/10 3:54 a.m.•14 views

Cross-site Scripting (XSS)

modoboa is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the maketag function in the Listing.prototype object of listing.js as it does not properly encode the html attribute, allowing an attacker to inject and execute malicious JavaScript into the browser...

4.8CVSS5.3AI score0.00494EPSS

Exploits1References5Affected Software1

vulnersOsv•added 2023/02/22 9:30 a.m.•2 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0949 via modoboa (=1.17.0)

modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-0949 Source advisory: OSV:GHSA-MGMM-CMHJ-2H5F...

4.8CVSS5.8AI score0.00494EPSS

Exploits1

OSV•added 2023/02/22 9:30 a.m.•16 views

GHSA-MGMM-CMHJ-2H5F modoboa Cross-site Scripting vulnerability

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.45...

4.8CVSS4.8AI score0.00494EPSS

Exploits1References5

Github Security Blog•added 2023/02/22 9:30 a.m.•19 views

modoboa Cross-site Scripting vulnerability

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.45...

4.8CVSS5.1AI score0.00494EPSS

Exploits1References5Affected Software1

NVD•added 2023/02/22 9:15 a.m.•12 views

CVE-2023-0949

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS4.9AI score0.00494EPSS

Exploits1References2

vulnersOsv•added 2023/02/22 9:15 a.m.•2 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0949 via modoboa (=1.17.0)

4.8CVSS5.8AI score0.00494EPSS

Exploits1

Prion•added 2023/02/22 9:15 a.m.•13 views

Cross site scripting

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.3CVSS4.9AI score0.00494EPSS

Exploits1References2Affected Software1

PyPA•added 2023/02/22 9:15 a.m.•4 views

PYSEC-2023-33

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS6.2AI score0.00494EPSS

Exploits1References4Affected Software1

OSV•added 2023/02/22 9:15 a.m.•21 views

PYSEC-2023-33

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS4.9AI score0.00494EPSS

Exploits1References4

Vulnrichment•added 2023/02/22 12:0 a.m.•3 views

CVE-2023-0949 Cross-site Scripting (XSS) - Reflected in modoboa/modoboa

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS5AI score0.00494EPSS

Exploits1References2

OSV•added 2023/02/22 12:0 a.m.•24 views

CVE-2023-0949 Cross-site Scripting (XSS) - Reflected in modoboa/modoboa

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS5AI score0.00494EPSS

Exploits1References4

Positive Technologies•added 2023/02/22 12:0 a.m.•2 views

PT-2023-16635 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.0.5 Description: The issue is related to Cross-site Scripting XSS - Reflected. This is a type of security vulnerability that occurs when an application includes user input in its output without proper...

4.8CVSS4.7AI score0.00494EPSS

Exploits1References10

CNNVD•added 2023/02/22 12:0 a.m.•3 views

modoboa 跨站脚本漏洞

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.0.5. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

4.8CVSS4.8AI score0.00494EPSS

Exploits1References3

Cvelist•added 2023/02/22 12:0 a.m.•17 views

CVE-2023-0949 Cross-site Scripting (XSS) - Reflected in modoboa/modoboa

Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...

4.8CVSS5.2AI score0.00494EPSS

Exploits1References2

CVE•added 2023/02/22 12:0 a.m.•56 views

CVE-2023-0949

Modoboa (modoboa/modoboa) is affected by a reflected Cross-site Scripting (XSS) in versions prior to 2.0.5. The underlying issue is user input reflected in output without sufficient sanitization, enabling XSS. A patch/fix is available in version 2.0.5 and later; upgrade to 2.0.5+ to mitigate. Oth...

4.8CVSS4.9AI score0.00494EPSS

Exploits1References2Affected Software1

Veracode•added 2023/02/20 5:53 a.m.•18 views

Authentication Bypass

modoboa is vulnerable to authentication bypass. The vulnerability exists due to lack of check conditions in the API throttling which allows an unauthorized user to perform brute-forcing attacks and gain access to the system...

9.8CVSS9.1AI score0.15088EPSS

Exploits4References5Affected Software1

vulnersOsv•added 2023/02/16 12:30 p.m.•3 views

modoboa-automua (=1.0.0) potentially affected by CVE-2023-0860 via modoboa (=1.17.0)

7.8CVSS7AI score0.00653EPSS

Exploits1

OSV•added 2023/02/16 12:30 p.m.•18 views

GHSA-Q9WW-GJPW-P9G6 Improper Restriction of Excessive Authentication Attempts in modoboa

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.5CVSS7.5AI score0.00653EPSS

Exploits1References4

Github Security Blog•added 2023/02/16 12:30 p.m.•20 views

Improper Restriction of Excessive Authentication Attempts in modoboa

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.8CVSS7.4AI score0.00653EPSS

Exploits1References4Affected Software1

NVD•added 2023/02/16 10:15 a.m.•27 views

CVE-2023-0860

Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4...

7.8CVSS7.6AI score0.00653EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by