270 matches found
CVE-2023-0470
Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-0398
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-5689
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
CVE-2023-2228
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.1.0...
CVE-2019-19702
The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to perform a denial of service against the DMARC reporting functionality, such as by referencing the /dev/random file within XML...
The vulnerability of the modoboa/modoboa mail server, related to the manipulation of inter-site requests, allows attackers to compromise the integrity and accessibility of protected information.
The vulnerability of the modoboa/modoboa mail server is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...
Cross-Site Request Forgery (CSRF)
modoboa is vulnerable to Cross-Site Request Forgery CSRF. An attacker could exploit this vulnerability by sending a specially crafted email or link to a victim. The email or link would contain a malicious CSRF token that would allow the attacker to perform actions on the victim's modoboa account,...
Cross-site Scripting (XSS)
modoboa is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the profile page due to improper input sanitization when switching languages, which allows an attacker to inject malicious JavaScript...
Cross-site Scripting (XSS)
modoboa is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the listen function of twocolsnav.js due to improper handling of profile forms when displaying error messages which allows an attacker to inject and execute arbitrary JavaScript...
GHSA-57CR-RQ3F-PPMX modoboa Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.2.2...
modoboa-automua (=1.0.0) potentially affected by CVE-2023-5690 via modoboa (=1.17.0)
modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-5690 Source advisory: OSV:GHSA-57CR-RQ3F-PPMX...
modoboa Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.2.2...
modoboa-automua (=1.0.0) potentially affected by CVE-2023-5688 via modoboa (=1.17.0)
modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-5688 Source advisory: OSV:GHSA-PQGM-9G82-WCM7...
modoboa-automua (=1.0.0) potentially affected by CVE-2023-5689 via modoboa (=1.17.0)
modoboa PYPI version =1.17.0 is affected by a known vulnerability. The following packages have a transitive dependency on modoboa and may be impacted: - modoboa-automua =1.0.0 Source cves: CVE-2023-5689 Source advisory: OSV:GHSA-9WJ3-CFQ8-WPVJ...
modoboa Cross-site Scripting vulnerability
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
GHSA-PQGM-9G82-WCM7 modoboa Cross-site Scripting vulnerability
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
GHSA-9WJ3-CFQ8-WPVJ modoboa Cross-site Scripting vulnerability
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
modoboa Cross-site Scripting vulnerability
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
CVE-2023-5690
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.2.2...
CVE-2023-5688
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...