Vulnerability Details CVE-2023-40599
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/search.cgi, estimate/estimate.js, search/search.js, suggest/suggest.js, and coupon/coupon.js.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-40599
-
cpe:2.3:a:synck_graphica:mailform_pro_cgi:-
-
cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.1.4
-
cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.1.5
-
cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.3.1
-
cpe:2.3:a:synck_graphica:mailform_pro_cgi:4.3.1.3