Vulnerability Database
Blog
FAQ
Docs
GHSA-g298-59pg-93h7
Suggest an improvement
Source
https://github.com/advisories/GHSA-g298-59pg-93h7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-g298-59pg-93h7/GHSA-g298-59pg-93h7.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-g298-59pg-93h7
Aliases
CVE-2023-0406
PYSEC-2023-283
Published
2023-01-19T18:30:19Z
Modified
2024-11-22T18:40:24.862085Z
Severity
4.3 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS Calculator
Summary
Cross-Site Request Forgery in modoboa
Details
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-0406
https://github.com/modoboa/modoboa/commit/7f0573e917227686d2cc127be1364e2908740807
https://github.com/modoboa/modoboa
https://github.com/pypa/advisory-database/tree/main/vulns/modoboa/PYSEC-2023-283.yaml
https://huntr.dev/bounties/d7007f76-3dbc-48a7-a2fb-377040fe100c
Affected packages
PyPI
/
modoboa
Package
Name
modoboa
View open source insights on deps.dev
Purl
pkg:pypi/modoboa
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2.0.4
Affected versions
0.*
0.7.0
1.*
1.2.0-rc2
1.2.0
1.2.1
1.2.2
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.6.1
1.6.2
1.6.3
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.8.0
1.8.1
1.8.2
1.8.3
1.9.0
1.9.1
1.10.0
1.10.1
1.10.2
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.11.0
1.11.1
1.12.0
1.12.1
1.12.2
1.13.0
1.13.1
1.14.0
1.15.0
1.16.0
1.16.1
1.17.0
2.*
2.0.0b1
2.0.0b2
2.0.0b3
2.0.0
2.0.1
2.0.2
2.0.3
GHSA-g298-59pg-93h7 - OSV