漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without proper authorization checks. This could lead to derived information disclosure on private lists about the timing of specific email subjects or text bodies, though without disclosing the content itself. As this was primarily used as a caching feature for faster loading times, the caching was disabled by default to prevent this. Users using 0.9 should upgrade to 0.10 to address this issue.
漏洞信息
N/A
漏洞
N/A
漏洞
Apache Pony Mail 安全漏洞
漏洞信息
Apache Pony Mail是美国阿帕奇(Apache)软件基金会的一款具有邮件归档、查看和交互功能的插件。 Apache Pony Mail 0.7版本至0.9版本中的statistics generator存在安全漏洞,该漏洞源于statistics generator没有进行适当的授权检查就返回时间戳数据。攻击者可利用该漏洞获取私人列表中邮件主题或文本主体的时序信息。
漏洞信息
N/A
漏洞
N/A