Mailcow: >> Mailcow Security Vulnerabilities
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.
CVSS Score
8.8
EPSS Score
0.227
Published
2022-05-20
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-05-14
Page 2