Hello,
I consider this new report to be similar to issue #4 which is currently open.
Best regards,
--
Thibaud Antignac
CEA List
From: security <security-bounces@server.sparta.eu> on behalf of Security Researcher <vaishnaviresearcher@gmail.com>
Date: Thursday 26 November 2020 at 17:40
To: "security@sparta.eu" <security@sparta.eu>
Subject: [security] BUG REPORT
Dear Team,
I am Vaishnavi Pardeshi, working as a security researcher, and I found a bug in your website. The report of the bug is as follows.
a) VULNERABILITY TYPE - DMARC RECORD MISSING.
b) HOW TO REPRODUCE (POC - ATTACHED IMAGE):
1. Go to https://mxtoolbox.com
2. Put in "sparta.eu" and click GO.
3. You will see the fault (No DMARC Record found).
4. The new page that loads shows "No DMARC record found".
c) Impact:
Spammers can forge the "From" address on email messages to make messages appear to come from someone in your domain. If spammers use your domain to send spam or junk email, your domain quality is negatively affected. People who get the forged emails can mark them as spam or junk, which can impact authentic messages sent from your domain.
d) Solution:
Enable DMARC record
Kind regards ,
Vaishnavi Pardeshi
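
Added example, not part of either e-mail above: one way to triage a "No DMARC record found" report is to classify the TXT strings published at `_dmarc.<domain>` following the RFC 7489 record rules. The DNS lookup is left out so the code runs offline; the function names and the sample records in the comments are constructed for illustration.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Return the tag dict for one TXT string, or None if it is not a DMARC record."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    tags = [tuple(s.strip() for s in p.split("=", 1)) for p in parts if "=" in p]
    # RFC 7489: the v tag must come first and its value must be exactly "DMARC1".
    if not tags or tags[0][0].lower() != "v" or tags[0][1] != "DMARC1":
        return None
    return {k.lower(): v for k, v in tags}

def assess(txt_records):
    """Classify the TXT strings found at _dmarc.<domain> (empty list = no answer)."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return "missing"
    if len(records) > 1:
        # Receivers stop policy discovery when more than one record is published.
        return "invalid: multiple records"
    policy = records[0].get("p", "").lower()
    if policy not in VALID_POLICIES:
        # Simplification: real receivers may fall back to p=none if rua is valid.
        return "invalid: no usable p= tag"
    if policy == "none":
        # Reports are collected, but forged mail is still delivered.
        return "monitor-only"
    pct = records[0].get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return f"partial: {policy} at {pct}%"
    return f"enforced: {policy}"

if __name__ == "__main__":
    # Constructed sample answers for a placeholder domain.
    samples = [
        [],
        ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
        ["v=DMARC1; p=quarantine; pct=20"],
        ["v=DMARC1; p=reject"],
    ]
    for txt in samples:
        print(txt, "->", assess(txt))
```

A `monitor-only` result means a record exists and a lookup tool would stop flagging the domain, yet receivers are still not asked to act on mail that fails the check.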