FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a8118db0-cac2-11ec-9288-0800270512f4rainloop -- cross-site-scripting (XSS) vulnerability

Simon Scannell reports:

The code vulnerability can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client. When the email is viewed by the victim, the attacker gains full control over the session of the victim and can steal any of their emails, including those that contain highly sensitive information such as passwords, documents, and password reset links.


Discovery 2022-04-19
Entry 2022-05-03
rainloop-php74
rainloop-php80
rainloop-php81
rainloop-community-php74
rainloop-community-php80
rainloop-community-php81
lt 1.16.0_2

CVE-2022-29360
https://blog.sonarsource.com/rainloop-emails-at-risk-due-to-code-flaw
https://github.com/RainLoop/rainloop-webmail/issues/2142