5
CVSSv2

CVE-2018-17542

Published: 11/02/2019 Updated: 12/02/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 484
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

SQL Injection exists in MailSherlock prior to 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

Vulnerability Trend