Mailcow Patches Critical XSS and File Overwrite Flaws – Update NOW

Researchers at SonarCloud have discovered critical security vulnerabilities in Mailcow, a popular open-source email server solution, that could have allowed attackers to execute malicious code on vulnerable systems “with a single email viewed by an admin.” Here are the details of the two issues, which have reportedly existed for over three years and affect Mailcow versions before 2024-04.

XSS (Cross-Site Scripting) via Exception Handler (CVE-2024-31204):

The first issue involved Mailcow’s exception-handling mechanism.

Source: HackRead

 

