Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-67mg-gm8m-ph5r: Improper Authorization in modoboa

In modoboa prior to 2.1.0, sending a GET request to the endpoint /api/v2/parameters/core/ returns sensitive information without any authentication or authorization.

ghsa
#git#auth

Improper Authorization in modoboa

High severity GitHub Reviewed Published Apr 21, 2023 to the GitHub Advisory Database • Updated Apr 24, 2023

Related news

CVE-2023-2227: Added missing permissions on API endpoints · modoboa/modoboa@7bcd3f6

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.