Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:36 p.m.10 views

CVE-2022-39258

mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to stea...

8.2CVSS6.6AI score0.00632EPSS
Exploits1References1
CVE
CVE
added 2022/09/27 3:10 p.m.365 views

CVE-2022-39258

The CVE-2022-39258 issue affects mailcow (mailserver suite) prior to 2022-09, where an attacker could craft a custom Swagger API template to spoof Authorize links, potentially redirecting victims to an attacker-controlled page to steal Swagger authorization credentials or enable phishing. Root ca...

8.2CVSS8AI score0.00632EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/27 3:10 p.m.8 views

CVE-2022-39258 mailcow-dockerized critical information misrepresentation can lead to phishing attacks through Swagger UI

mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to stea...

8.1CVSS8.3AI score0.00632EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/09/27 3:10 p.m.13 views

CVE-2022-39258 mailcow-dockerized critical information misrepresentation can lead to phishing attacks through Swagger UI

mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to stea...

8.1CVSS8.3AI score0.00632EPSS
Exploits1References2
Rows per page
Query Builder