10 matches found
CVE-2023-5688 Cross-site Scripting (XSS) - DOM in modoboa/modoboa
Cross-site Scripting XSS - DOM in GitHub repository modoboa/modoboa prior to 2.2.2...
CVE-2023-5688
CVE-2023-5688 affects modoboa/modoboa prior to 2.2.2 and is described as a DOM-based Cross-site Scripting (XSS) vulnerability. The vulnerability is triggered through the browser environment, allowing an attacker to execute malicious scripts in a user’s session. Public references confirm the issue...
CVE-2023-2227
Modoboa
CVE-2023-2160
The CVE pertains to modoboa/modoboa with weak password requirements prior to version 2.1.0. Several connected sources confirm that users could set unsafe passwords (e.g., 1, HACK) due to weak password policy, and that this was fixed in commit 130257c96a2392ada795785a91178e656e27015c and is addres...
CVE-2023-0949 Cross-site Scripting (XSS) - Reflected in modoboa/modoboa
Cross-site Scripting XSS - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5...
CVE-2023-0777 Authentication Bypass by Primary Weakness in modoboa/modoboa
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-0470
Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-0519 Cross-site Scripting (XSS) - Stored in modoboa/modoboa
Cross-site Scripting XSS - Stored in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-0398 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.0.4...
CVE-2023-0406 Cross-Site Request Forgery (CSRF) in modoboa/modoboa
Cross-Site Request Forgery CSRF in GitHub repository modoboa/modoboa prior to 2.0.4...