vendor:
PHPList
by:
7.5
CVSS
HIGH
Security Bypass and Information Disclosure
200
CWE
Product Name: PHPList
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: a:phplist:phplist
Platforms Tested:
PHPList Security Bypass and Information Disclosure Vulnerabilities
PHPList is prone to a security-bypass vulnerability and an information-disclosure vulnerability. An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are also possible.
Mitigation:
It is recommended to update to the latest version of PHPList to address these vulnerabilities.