VYPR
Medium severity4.3NVD Advisory· Published Feb 11, 2019· Updated Jun 17, 2026

CVE-2018-17542

CVE-2018-17542

Description

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.