CVE-2018-18655

CVE-2018-18655

EPSS 0.8%

Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugs.debian.org/911842 https://telescoper.wordpress.com/2018/10/18/a-breakthrough-for-a-bigot/#comment-339386