RSS   Podatności dla 'Gophish'   RSS

2020-10-28
 
CVE-2020-24713

CWE-613
 

 
Gophish through 0.10.1 does not invalidate the gophish cookie upon logout.

 
 
CVE-2020-24712

CWE-79
 

 
Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the IMAP Host field on the account settings page.

 
 
CVE-2020-24711

CWE-1021
 

 
The Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack

 
 
CVE-2020-24710

CWE-918
 

 
Gophish before 0.11.0 allows SSRF attacks.

 
 
CVE-2020-24709

CWE-79
 

 
Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template.

 
 
CVE-2020-24708

CWE-79
 

 
Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.

 
 
CVE-2020-24707

CWE-1236
 

 
Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.

 
2019-09-09
 
CVE-2019-16146

CWE-79
 

 
Gophish through 0.8.0 allows XSS via a username.

 


Copyright 2024, cxsecurity.com

 

Back to Top