modoboa@2.0.5 vulnerabilities
Mail hosting made simple
-
latest version
2.2.4
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
4 months ago
-
licenses detected
- [0.7.0,1.2.0-rc2); [1.6.1,)
Direct Vulnerabilities
Known vulnerabilities in the modoboa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-site Scripting (XSS) when displaying the form error messages. How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.2.2)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF) due to the improper handling of user requests. An attacker can trick the victim into executing an unwanted logout by sending a malicious request. How to fix Cross-Site Request Forgery (CSRF)? Upgrade |
[,2.2.2)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the profile language field due to improper user input sanitization. How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.2.2)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-site Scripting (XSS) when displaying form error messages due to improper user input sanitization. How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.2.2)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) due to missing checks for edit operations. How to fix Cross-site Request Forgery (CSRF)? Upgrade |
[,2.1.0)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) in edit operations. How to fix Cross-site Request Forgery (CSRF)? Upgrade |
[,2.1.0)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Improper Authorization due to missing permissions. Sending a GET request to the following endpoint: How to fix Improper Authorization? Upgrade |
[,2.1.0)
|
modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Weak Password Requirements due to a bypass for the intended password requirements. How to fix Weak Password Requirements? Upgrade |
[0,2.1.0)
|