Security Advisory

CVE-2018-17542

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-02-11 20:00:00

Last updated 2024-09-16 18:54:20

Assigner twcert

State PUBLISHED

Description

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

← Browse all CVEs View on cve.org ↗