HTML Injection in Alinto/SOGo Web Client
CVE-2023-48104
HTML Injection in Alinto/SOGo Web Client
Vendor of Product
Alinto
Vulnerability Type
HTML Injection
Affected Versions
SOGo Web Mail < 591
Attack Vectors
Phishing - In the body of the message, you can inject a malicious form that will send the entered data to the attacker
Additional Information
The fix to prevent form tag in mail body has been made -&