CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2160 – Weak Password Requirements in modoboa/modoboa
https://notcve.org/view.php?id=CVE-2023-2160
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. • https://github.com/modoboa/modoboa/commit/130257c96a2392ada795785a91178e656e27015c https://huntr.dev/bounties/54fb6d6a-6b39-45b6-b62a-930260ba484b • CWE-521: Weak Password Requirements •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0949 – Cross-site Scripting (XSS) - Reflected in modoboa/modoboa
https://notcve.org/view.php?id=CVE-2023-0949
Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5. El repositorio modoboa de GitHub, en versiones anteriores a 2.0.5, es vulnerable a un Cross-site Scripting (XSS) reflejado. • https://github.com/modoboa/modoboa/commit/aa74e9a4a870162eea169e0a6a2eab841f8811b7 https://huntr.dev/bounties/ef87be4e-493b-4ee9-9738-44c55b8acc19 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-0860 – Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer
https://notcve.org/view.php?id=CVE-2023-0860
Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4. • https://github.com/0xsu3ks/CVE-2023-0860 https://github.com/modoboa/modoboa-installer/commit/63d92b73f3da6971ae4e13d033d625773ac91085 https://huntr.dev/bounties/64f3ab93-1357-4468-8ff4-52bbcec18cca • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2023-0777 – Authentication Bypass by Primary Weakness in modoboa/modoboa
https://notcve.org/view.php?id=CVE-2023-0777
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. modoboa version 2.0.4 suffers from an administrative takeover vulnerability. • https://www.exploit-db.com/exploits/51276 http://packetstormsecurity.com/files/171744/modoboa-2.0.4-Admin-Takeover.html https://github.com/modoboa/modoboa/commit/47d17ac6643f870719691073956a26e4be0a4806 https://huntr.dev/bounties/a17e7a9f-0fee-4130-a522-5a0466fc17c7 • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0519 – Cross-site Scripting (XSS) - Stored in modoboa/modoboa
https://notcve.org/view.php?id=CVE-2023-0519
Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4. Cross site scripting (XSS): almacenado en el repositorio de GitHub modoboa/modoboa anterior a 2.0.4. • https://github.com/modoboa/modoboa/commit/eef9ab72b5305578a3ad7a7463bd284aa645e98b https://huntr.dev/bounties/891ad0cb-d12f-4c5e-aac8-d7326caf2129 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •