Home > Vulnerability Database > WS-2023-0061

Mend.io Vulnerability Database

WS-2023-0061

Good to know:

Date: February 16, 2023

Folder in modoboa-webmail mailbox is vulnerable to Reflected Cross-Site Scripting. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

Language: Python

Severity Score

6.1

Related Resources (2)

Url: https://github.com/modoboa/modoboa-webmail/commit/f43789def10f2f866700ebc019f40b96495a3432

Url: https://www.mend.io/vulnerability-database/WS-2023-0061

Severity Score

6.1

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

Upgrade Version

Upgrade to version modoboa-webmail - 1.7.2

Learn More

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2023-0061

Good to know:

Date: February 16, 2023

Language: Python

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?