CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48307 – Nextcloud Mail app vulnerable to Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2023-48307
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for this issue. As a workaround, disable the mail app. Nextcloud Mail es la aplicación de correo de Nextcloud, una plataforma de productividad autohospedada. • https://github.com/nextcloud/mail/pull/8709 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4pp4-m8ph-2999 https://hackerone.com/reports/1869714 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25160 – IDOR Vulnerability in Nextcloud Mail
https://notcve.org/view.php?id=CVE-2023-25160
Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail 1.11.8 for Nextcloud 20 to receive a patch. No known workarounds are available. • https://github.com/nextcloud/mail/pull/7740 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m45f-r5gh-h6cx https://hackerone.com/reports/1784681 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 3CVE-2023-23943 – Blind SSRF via server URL input in the Nextcloud Mail app
https://notcve.org/view.php?id=CVE-2023-23943
Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app. • https://github.com/nextcloud/mail/pull/7796 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8gcx-r739-9pf6 https://hackerone.com/reports/1736390 https://hackerone.com/reports/1741525 https://hackerone.com/reports/1746582 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23944 – Nexcloud Mail app temporarily stores cleartext password in database
https://notcve.org/view.php?id=CVE-2023-23944
Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. Any attacker or malicious user with access to the database would have access to these user passwords until the OAuth setup has been completed. It is recommended that the Nextcloud Mail app is upgraded to 2.2.2. There are no known workarounds for this issue. • https://github.com/nextcloud/mail/pull/7797 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g86r-x755-93f4 https://hackerone.com/reports/1806275 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9097
https://notcve.org/view.php?id=CVE-2015-9097
The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. La mail gem versiones anteriores a 2.5.5 para Ruby (también conocida como A Really Ruby Mail Library) es vulnerable a inyección de comandos SMTP mediante secuencias CRLF con el comando RCPT TO o MAIL FROM, como lo demuestran las secuencias CRLF inmediatamente antes y después de una subcadena DATA. • http://openwall.com/lists/oss-security/2015/12/11/3 http://www.mbsd.jp/Whitepaper/smtpi.pdf https://github.com/mikel/mail/commit/72befdc4dab3e6e288ce226a7da2aa474cf5be83 https://github.com/mikel/mail/pull/1097 https://github.com/rubysec/ruby-advisory-db/issues/215 https://hackerone.com/reports/137631 https://rubysec.com/advisories/mail-OSVDB-131677 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •