Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mailcow-dockerized XSS Vulnerability in Quarantine UI Allows Unauthorized Access and Data Manipulation
Vulnerability Description
Mailcow: dockerized is an open source groupware/email suite based on docker. A Cross-Site Scripting (XSS) vulnerability has been identified within the Quarantine UI of the system. This vulnerability poses a significant threat to administrators who utilize the Quarantine feature. An attacker can send a carefully crafted email containing malicious JavaScript code. This issue has been patched in version 2023-11.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
mailcow dockerized 跨站脚本漏洞
Vulnerability Description
mailcow是一个邮件服务器套件。 mailcow dockerized存在跨站脚本漏洞,该漏洞源于系统的Quarantine UI 中包含跨站脚本 (XSS) , 攻击者利用该漏洞可以发送精心设计的包含恶意 JavaScript 代码的电子邮件。
CVSS Information
N/A
Vulnerability Type
N/A