Forum

CVE-2023-33184 - Nextcloud Mail

Antworten
MITs Forum@forum
4.867 Beiträge
MITS Forenbenutzer
#1 · 27. Mai 2023, 0:00
Zitat

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.

References
https://github.com/nextcloud/mail/pull/8275
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gph-9895-w564
https://hackerone.com/reports/1913095

Anklicken für Daumen nach unten.0Anklicken für Daumen nach oben.0
Antworten