Description

JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.

Remediation

References

CVE-2023-42508

Related Vulnerabilities

WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0)

WordPress Plugin Simple SEO Cross-Site Scripting (1.7.91)

PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4812)

WebLogic CVE-2022-21347 Vulnerability (CVE-2022-21347)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4910)

Severity

Medium

Classification

CVE-2023-42508 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities