PT-2025-8962 · B1Gmail · B1Gmail

Mcdruid · Published 2025-02-27 · Updated 2025-02-27 · CVE-2025-1741

CVSS v2.0: 5.8
Vector: AV:N/AC:L/Au:M/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions:

b1gMail versions up to 7.4.1-pl1

Description:

An issue classified as problematic was found in the Admin Page component, in the file src/admin/users.php. Manipulating the `query/q` argument leads to deserialization. The issue can be exploited remotely. Upgrading to a newer version is recommended to address it.

Recommendations:

For b1gMail versions up to 7.4.1-pl1, upgrade to version 7.4.1-pl2 to address this issue.

For b1gMail 7.4.0 commercial edition, upgrade to version 7.4.0-pl3.

Fix

Deserialization of Untrusted Data

RCE

Weakness Enumeration

Related Identifiers

CVE-2025-1741

Affected Products

B1Gmail