Known Vulnerabilities for products from Modoboa

Listed below are 15 of the newest known vulnerabilities associated with the vendor "Modoboa".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2023-5690 json	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2.	8.8 - HIGH	2023-10-20	2023-10-27
CVE-2023-5689 json	Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2.	5.4 - MEDIUM	2023-10-20	2023-10-27
CVE-2023-5688 json	Cross-site Scripting (XSS) - DOM in GitHub repository modoboa/modoboa prior to 2.2.2.	5.4 - MEDIUM	2023-10-20	2023-10-27
CVE-2023-2228 json	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.1.0.	6.8 - MEDIUM	2023-04-21	2023-05-03
CVE-2023-2227 json	Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.	9.1 - CRITICAL	2023-04-21	2023-05-03
CVE-2023-2160 json	Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0.	9.8 - CRITICAL	2023-04-18	2023-12-18
CVE-2023-0949 json	Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5.	4.8 - MEDIUM	2023-02-22	2023-03-02
CVE-2023-0860 json	Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4.	7.5 - HIGH	2023-02-16	2023-02-24
CVE-2023-0777 json	Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.	9.8 - CRITICAL	2023-02-10	2023-04-06
CVE-2023-0519 json	Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.	5.4 - MEDIUM	2023-01-26	2023-02-02
CVE-2023-0470 json	Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4.	5.4 - MEDIUM	2023-01-26	2023-02-02
CVE-2023-0438 json	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	6.5 - MEDIUM	2023-01-23	2023-01-30
CVE-2023-0406 json	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	4.3 - MEDIUM	2023-01-19	2023-01-27
CVE-2023-0398 json	Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.	6.5 - MEDIUM	2023-01-19	2023-01-27
CVE-2019-19702 json	The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML External Entity Injection (XXE) attack when processing XML...	7.5 - HIGH	2019-12-10	2021-07-21

Known software with vulnerabilities from Modoboa

Type	Vendor	Product	Version
Application	Modoboa	Modoboa-dmarc	1.1.0