Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS01N2NyLXJxM2YtcHBteM4AA2me

Moderate CVSS: 5.1 EPSS: 0.00328% (0.55105 Percentile) EPSS:
Permalink JSON

modoboa Cross-Site Request Forgery vulnerability

Affected Packages Affected Versions Fixed Versions
pypi:modoboa < 2.2.2 2.2.2
7 Dependent packages
16 Dependent repositories
5,042 Downloads last month

Affected Version Ranges

All affected versions

0.7.0, 1.2.0, 1.2.1, 1.2.2, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.9.0, 1.9.1, 1.10.0, 1.10.1, 1.10.2, 1.10.3, 1.10.4, 1.10.5, 1.10.6, 1.10.7, 1.11.0, 1.11.1, 1.12.0, 1.12.1, 1.12.2, 1.13.0, 1.13.1, 1.14.0, 1.15.0, 1.16.0, 1.16.1, 1.17.0, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.1.0, 2.1.1, 2.1.2, 2.2.0, 2.2.1

All unaffected versions

2.2.2, 2.2.3, 2.2.4, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9

Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2.

References:

Identifiers

GHSA-57cr-rq3f-ppmx

CVE-2023-5690

Risk

Severity

Moderate

CVSS

CVSS Score: 5.1

CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS

EPSS Percentage: 0.00328

EPSS Percentile: 0.55105

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/modoboa/modoboa

Date and time

Published

almost 2 years ago

Updated

10 months ago

API

JSON