Mailtrain-org/mailtrain
GitHub
Releases36
Frequency1 month 3 weeks
Last Release
Stars5.73K
Self hosted newsletter app
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.8 HIGH | 6 MEDIUM | ||
Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped. | |||