4 matches found
CVE-2023-41155
A Stored Cross-Site Scripting XSS vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors...
CVE-2009-0272
Cross-site request forgery CSRF vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors...
Выполнение команд в exim (code execution)
При использовании правил перенаправляющих почту без проверки локальной части не контролируются специальные символы, что может привести к перенаправлению песьма во внешнее приложение...