exploitDog

CVE-2018-15136

Опубликовано: 30 янв. 2019

Источник: nvd

CVSS3: 5.3

CVSS2: 2.6

EPSS Низкий

Описание

TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypass the anti-spam filter to send malicious emails to an entire organization by modifying the URL requests sent to the application.

Ссылки

https://www.fwhibbit.es/bypassing-spam-titan-my-first-cve
Exploit
Third Party Advisory
https://www.fwhibbit.es/bypassing-spam-titan-my-first-cve
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:titanhq:spamtitan:*:*:*:*:*:*:*:*

Версия до 7.01 (исключая)

EPSS

Процентиль: 48%

0.0025

Низкий

5.3 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-rp22-gmrp-h9mv

CVSS3: 5.3

github

больше 3 лет назад

TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypass the anti-spam filter to send malicious emails to an entire organization by modifying the URL requests sent to the application.

EPSS

Процентиль: 48%

0.0025

Низкий

5.3 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-20