[FREEBSD:3E917407-4B3F-11EF-8E49-001999F8D30B] Mailpit -- Content Security Policy XSS
Affected Packages
1
Mailpit developer reports:
A vulnerability was discovered which allowed a bad
actor with SMTP access to Mailpit to bypass the Content
Security Policy headers using a series of crafted HTML
messages which could result in a stored XSS attack via
the web UI.
Package | Affected Version |
---|---|
pkg:freebsd/mailpit | < 1.19.3 |
- ID
- FREEBSD:3E917407-4B3F-11EF-8E49-001999F8D30B
- URL
- http://vuxml.freebsd.org/freebsd/3e917407-4b3f-11ef-8e49-001999f8d30b.html
- Published
-
2024-07-26T00:00:00
(6 weeks ago) - Modified
-
2024-07-26T00:00:00
(6 weeks ago) - Rights
- FreeBSD VuXML Security Team
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://github.com/axllent/mailpit/releases/tag/v1.19.3 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/mailpit | mailpit | < 1.19.3 |