Vulnerability Database
Blog
FAQ
Docs
PYSEC-2023-282
See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/modoboa/PYSEC-2023-282.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2023-282
Aliases
CVE-2023-0398
GHSA-v9gj-5rgp-w33r
Published
2023-01-19T09:15:00Z
Modified
2024-11-21T14:59:40.209173Z
Severity
6.5 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVSS Calculator
Summary
[none]
Details
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.
References
https://github.com/modoboa/modoboa/commit/8e14ac93669df4f35fcdebd55dc9d2f0fed3ed48
https://huntr.dev/bounties/0a852351-00ed-44d2-a650-9055b7beed58
Affected packages
PyPI
/
modoboa
Package
Name
modoboa
View open source insights on deps.dev
Purl
pkg:pypi/modoboa
Affected ranges
Type
GIT
Repo
https://github.com/modoboa/modoboa
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
8e14ac93669df4f35fcdebd55dc9d2f0fed3ed48
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2.0.4
Affected versions
0.*
0.7.0
1.*
1.2.0-rc2
1.2.0
1.2.1
1.2.2
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.6.1
1.6.2
1.6.3
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.8.0
1.8.1
1.8.2
1.8.3
1.9.0
1.9.1
1.10.0
1.10.1
1.10.2
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.11.0
1.11.1
1.12.0
1.12.1
1.12.2
1.13.0
1.13.1
1.14.0
1.15.0
1.16.0
1.16.1
1.17.0
2.*
2.0.0b1
2.0.0b2
2.0.0b3
2.0.0
2.0.1
2.0.2
2.0.3
PYSEC-2023-282 - OSV