Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gophish vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-45003
Gophish up to and including 0.12.1 allows malicious users to cause a Denial of Service (DoS) via a crafted payload involving autofocus.
Getgophish Gophish
6.1
CVSSv3
CVE-2022-45004
Gophish up to and including 0.12.1 exists to contain a cross-site scripting (XSS) vulnerability via a crafted landing page.
Getgophish Gophish
7.5
CVSSv3
CVE-2020-24713
Gophish up to and including 0.10.1 does not invalidate the gophish cookie upon logout.
Getgophish Gophish
7.8
CVSSv3
CVE-2020-24707
Gophish prior to 0.11.0 allows the creation of CSV sheets that contain malicious content.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24708
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the Host field on the send profile form.
Getgophish Gophish
6.5
CVSSv3
CVE-2020-24711
The Reset button on the Account Settings page in Gophish prior to 0.11.0 allows malicious users to cause a denial of service via a clickjacking attack
Getgophish Gophish
4.8
CVSSv3
CVE-2019-16146
Gophish up to and including 0.8.0 allows XSS via a username.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24709
Cross Site Scripting (XSS) vulnerability in Gophish up to and including 0.10.1 via a crafted landing page or email template.
Getgophish Gophish
5.3
CVSSv3
CVE-2020-24710
Gophish prior to 0.11.0 allows SSRF attacks.
Getgophish Gophish
5.4
CVSSv3
CVE-2020-24712
Cross Site Scripting (XSS) vulnerability in Gophish prior to 0.11.0 via the IMAP Host field on the account settings page.
Getgophish Gophish
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »