SQL Injection exists in MailSherlock prior to 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hgiga oaklouds mailsherlock |