Posted on

CVE-2018-17542

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

Leave a Reply

Your email address will not be published. Required fields are marked *