Описание
Hosted services do not verify the sender of an email against authenticated users, allowing an attacker to spoof the identify of another user's email address.
Hosted services do not verify the sender of an email against authenticated users, allowing an attacker to spoof the identify of another user's email address.
Связанные уязвимости
CVSS3: 6.5
nvd
больше 1 года назад
A vulnerability in multi-tenant hosting allows an authenticated sender to spoof the identity of a shared, hosted domain, thus bypass security measures provided by DMARC (or SPF or DKIM) policies.