CVE-2018-17542



SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *