Read Time:35 Second

It was discovered that Smarty, that is integrated in the PostfixAdmin
code, was not properly sanitizing user input when generating templates. An
attacker could, through PHP injection, possibly use this issue to execute
arbitrary code. (CVE-2022-29221)

It was discovered that Moment.js, that is integrated in the PostfixAdmin
code, was using an inefficient parsing algorithm when processing date
strings in the RFC 2822 standard. An attacker could possibly use this
issue to cause a denial of service. (CVE-2022-31129)

It was discovered that Smarty, that is integrated in the PostfixAdmin
code, was not properly escaping JavaScript code. An attacker could
possibly use this issue to conduct cross-site scripting attacks (XSS).
(CVE-2023-28447)

Read More

More Stories

suricata-7.0.8-1.el8

FEDORA-EPEL-2025-02e26b51d5 Packages in this update: suricata-7.0.8-1.el8 Update description: Various security, performance, accuracy, and stability issues have been fixed. Read More

suricata-7.0.8-1.fc40

FEDORA-2025-aa783e1cbd Packages in this update: suricata-7.0.8-1.fc40 Update description: Various security, performance, accuracy, and stability issues have been fixed. Read More

suricata-7.0.8-1.el9

FEDORA-EPEL-2025-9dfb7c8f88 Packages in this update: suricata-7.0.8-1.el9 Update description: Various security, performance, accuracy, and stability issues have been fixed. Read More

suricata-7.0.8-1.fc41

FEDORA-2025-e24171db6d Packages in this update: suricata-7.0.8-1.fc41 Update description: Various security, performance, accuracy, and stability issues have been fixed. Read More