CNNVD-202507-2300 Information

CNNVD ID

CNNVD-202507-2300

Related CVE

CVE-2025-53909

• CNNVD Published: 2025-07-17

Description (Chinese)

mailcow: dockerized是mailcow开源的一个docker化的mailcow应用软件。 mailcow: dockerized 2025-07之前版本存在安全漏洞，该漏洞源于通知模板系统存在服务器端模板注入，可能导致代码执行。

Description (English)

Mailcow: Dockerized is a docker-like mailcow application from the mailcow open source. Mailcow: pre-dockerized 2025-07 security loophole, which arises from the injection of server-end templates into the notification template system, which may lead to code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

mailcow

Published

2025-07-17

Last Modified

2026-02-24

References

https://github.com/mailcow/mailcow-dockerized/commit/8c5f6c03214a4b2bdbf3c78932f860eee949012b https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-8p7g-6cjj-wr9m

Patch

https://github.com/mailcow/mailcow-dockerized/releases