Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApache Pony Mail
APPApache0.6c0.7b0.8b
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
Related vulnerabilities
CVE-2026-41873CRITICAL9.8PL ✓ten sam produkt
HTTP Request Smuggling w Apache Pony Mail — przejęcie konta admina
CVE-2019-0218MEDIUM6.1ten sam produkt
A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in th...
CVE-2017-5658MEDIUM5.3ten sam produkt
The statistics generator in Apache Pony Mail 0.7 to 0.9 was found to be returning timestamp data without prope...
CVE-2025-24813CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Apache Tomcat: Path Equivalence prowadzący do RCE i ujawnienia danych
CVE-2024-38856CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Apache OFBiz — nieautoryzowane wykonanie kodu przez błędną autoryzację