Vulnerability Details CVE-2020-24707
Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- https://github.com/gophish/gophish/commit/b25f5ac5e468f6730e377f43c7995e18f8fccc2b
- https://github.com/gophish/gophish/releases/tag/v0.11.0
- https://herolab.usd.de/security-advisories/usd-2020-0052/
- https://github.com/gophish/gophish/commit/b25f5ac5e468f6730e377f43c7995e18f8fccc2b
- https://github.com/gophish/gophish/releases/tag/v0.11.0
- https://herolab.usd.de/security-advisories/usd-2020-0052/
Products affected by CVE-2020-24707
-
cpe:2.3:a:getgophish:gophish:-
-
cpe:2.3:a:getgophish:gophish:0.1
-
cpe:2.3:a:getgophish:gophish:0.1.1
-
cpe:2.3:a:getgophish:gophish:0.1.2
-
cpe:2.3:a:getgophish:gophish:0.10.0
-
cpe:2.3:a:getgophish:gophish:0.10.1
-
cpe:2.3:a:getgophish:gophish:0.2.0
-
cpe:2.3:a:getgophish:gophish:0.3.0
-
cpe:2.3:a:getgophish:gophish:0.4.0
-
cpe:2.3:a:getgophish:gophish:0.5.0
-
cpe:2.3:a:getgophish:gophish:0.6.0
-
cpe:2.3:a:getgophish:gophish:0.7.0
-
cpe:2.3:a:getgophish:gophish:0.7.1
-
cpe:2.3:a:getgophish:gophish:0.8.0
-
cpe:2.3:a:getgophish:gophish:0.9.0