Getgophish: >> Gophish >> 0.12.1 Security Vulnerabilities
Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-03-06
Gophish through 0.12.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted landing page.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-03-22
Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-03-22