Mars: Google dork lead to unsubscribe anyone from all Banfield emails

The vulnerability allowed an attacker to unsubscribe any Banfield user from their emails without authentication or authorization. The vulnerability was discovered through a Google dork search that led to an endpoint where the attacker could provide an email address to unsubscribe the user...

Information disclosure

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies...

CVE-2018-18645

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies...

mesalva.com XSS vulnerability

Vulnerable URL: https://mesalva.com/forum/email/[email protected]%27%22%3E%3Csvg/onload=alert/openbugbounty/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 81639 VIP website status:| No...

login.moneyrush.com XSS vulnerability

Vulnerable URL: http://login.moneyrush.com/email-unsubscribe.php?u=" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check login.moneyrush.com SSL connection:|...

aquatherm.co.nz XSS vulnerability

Vulnerable URL: http://www.aquatherm.co.nz/ems/emailunsubscribe.cfm?emailaddress=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:22 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...