Email Spoofing
N
Nextcloud
Submitted None
Actions:
Reported by
khalidamin
Vulnerability Details
Technical details and impact analysis
Hi there,
Similar to this report submitted to Hackerone itself: https://hackerone.com/reports/575
You also are vulnerable to email spoofing.
Steps to reproduce:
1- Go to https://emkei.cz ( A Fake Mailer )
2- Set the from to parameter as [email protected] or any other name, and send it.
3- The email is sent with any content you'd like to add as the message.
Thanks.
Report Details
Additional information and metadata
State
Closed
Substate
Informative
Submitted
Weakness
Violation of Secure Design Principles