CVE-2023-0398: Modoboa is vulnerable to Cross-Site Request Forgery
(updated )
Modoboa 2.0.3 and prior is vulnerable to Cross-Site Request Forgery. A patch is available and anticipated to be part of version 2.0.4.
References
- github.com/advisories/GHSA-v9gj-5rgp-w33r
- github.com/modoboa/modoboa
- github.com/modoboa/modoboa/commit/8e14ac93669df4f35fcdebd55dc9d2f0fed3ed48
- github.com/pypa/advisory-database/tree/main/vulns/modoboa/PYSEC-2023-282.yaml
- huntr.dev/bounties/0a852351-00ed-44d2-a650-9055b7beed58
- nvd.nist.gov/vuln/detail/CVE-2023-0398
Detect and mitigate CVE-2023-0398 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →