{"vulnerability": "cve-2022-39258", "sightings": [{"uuid": "8410fcef-f5ae-4a95-b2a5-332fcda4a1b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39258", "type": "seen", "source": "https://t.me/cibsecurity/50527", "content": "\u203c CVE-2022-39258 \u203c\n\nmailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to steal other information. The issue has been fixed with the 2022-09 mailcow Mootember Update. As a workaround, one may delete the Swapper API Documentation from their e-mail server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-27T22:50:02.000000Z"}]}