Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/search.cgi, estimate/estimate.js, search/search.js, suggest/suggest.js, and coupon/coupon.js.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN86484824/ | Third Party Advisory |
https://www.synck.com/blogs/news/newsroom/detail_1691668841.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-08-25T02:18:19.849Z
Updated: 2023-08-25T02:18:19.849Z
Reserved: 2023-08-17T08:04:36.758Z
Link: CVE-2023-40599
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-25T03:15:08.997
Modified: 2023-08-31T16:09:14.827
Link: CVE-2023-40599
JSON object: View
Redhat Information
No data.
CWE