Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThere is no fixed version for github.com/gophish/gophish/imap
.
Affected versions of this package are vulnerable to Insufficiently Protected Credentials through the Mail Server Configuration process. An attacker can access cleartext passwords for the configured IMAP and SMTP servers.