Note:
This project will be discontinued after December 13, 2021. [more]
2020-06-25
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
| Products | Trojita |
| Type | Improper Certificate Validation (CWE-295) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://bugs.kde.org/show_bug.cgi?id=423453
• https://gerrit.vesnicky.cesnet.cz/r/1035 |