Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getgophish gophish vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-25295
This affects the package github.com/gophish/gophish prior to 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parse(r.FormValue("next")) to extract path and eventually redirect user to a relative URL, but if next param...
Getgophish Gophish
5.3
CVSSv3
CVE-2020-24710
Gophish prior to 0.11.0 allows SSRF attacks.
Getgophish Gophish
4.8
CVSSv3
CVE-2019-16146
Gophish up to and including 0.8.0 allows XSS via a username.
Getgophish Gophish
7.5
CVSSv3
CVE-2022-45003
Gophish up to and including 0.12.1 allows malicious users to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
Getgophish Gophish
7.8
CVSSv3
CVE-2020-24707
Gophish prior to 0.11.0 allows the creation of CSV sheets that contain malicious content.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24708
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the Host field on the send profile form.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24709
Cross Site Scripting (XSS) vulnerability in Gophish up to and including 0.10.1 via a crafted landing page or email template.
Getgophish Gophish
6.5
CVSSv3
CVE-2020-24711
The Reset button on the Account Settings page in Gophish prior to 0.11.0 allows malicious users to cause a denial of service via a clickjacking attack
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24712
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the IMAP Host field on the account settings page.
Getgophish Gophish
7.5
CVSSv3
CVE-2020-24713
Gophish up to and including 0.10.1 does not invalidate the gophish cookie upon logout.
Getgophish Gophish
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »