Ubuntu Security Notice USN-6550-1

Discussion in 'News Aggregator' started by Packet Storm, 12 Dec 2023.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 6550-1 - It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. It was discovered that Moment.js, that is integrated in the PostfixAdmin code, was using an inefficient parsing algorithm when processing date strings in the RFC 2822 standard. An attacker could possibly use this issue to cause a denial of service.

    Continue reading...
     
    #1 Packet Storm, 12 Dec 2023
(You must log in or sign up to post here.)

Share This Page

Loading...