Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-11	CVE-2018-17542	SQL Injection vulnerability in Hgiga Oaklouds Mailsherlock SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request. network low complexity hgiga CWE-89	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.