CVE-2018-17542

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.
Configurations

Configuration 1

cpe:2.3:a:hgiga:oaklouds_mailsherlock:*:*:*:*:*:*:*:*

Information

Published : 2019-02-11 08:29

Updated : 2019-10-09 11:36


NVD link : CVE-2018-17542

Mitre link : CVE-2018-17542

Products Affected
No products.
CWE