We found results for “”
WS-2023-0061
Good to know:
Date: February 16, 2023
Folder in modoboa-webmail mailbox is vulnerable to Reflected Cross-Site Scripting. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Cross-Site Scripting (XSS)
CWE-79Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |