CVE-2020-24712

CVE-2020-24712

EPSS 0.9%

Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the IMAP Host field on the account settings page.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/gophish/gophish/commit/4e9b94b641755f359542b246cc0c555fa3bc6715 https://github.com/gophish/gophish/releases/tag/v0.11.0 https://herolab.usd.de/security-advisories/usd-2020-0050/