How severe is CVE-2023-26430?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2023-26430?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2023-26430

MEDIUM Year: 2023

CVSS v3 Score

4.3

Medium

Weakness Type

CWE-77

View all →

Vulnerability Description

Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject rules which would break per-user filter processing, requiring manual cleanup of such rules. We have added sanitization to all mail-filter APIs to avoid forwardning control characters to subsystems. No publicly available exploits are known.

CVE-2021-22868

MEDIUM

CVSS:4.3(Medium)

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not...

CWE-772021

CVE-2025-27146

MEDIUM

CVSS:4.3(Medium)

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppete...

CWE-772025

CVE-2019-1607

MEDIUM

CVSS:4.2(Medium)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerabilit...

CWE-772019