3 matches found
CVE-2022-45004
Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...
CVE-2022-45004
Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...
CVE-2022-45004
CVE-2022-45004 affects Gophish up to version 0.12.1. An XSS vulnerability exists on the landing/login page due to improper escaping of user input, allowing injection of malicious JavaScript in the victim’s browser. Documented impacts include a Medium severity (CVSS v3.1: 6.1) with network attack ...