The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
References
Link | Resource |
---|---|
http://www.iss.net/security_center/static/9615.php | |
http://www.securitybugware.org/Other/5537.html | Vendor Advisory |
http://www.securityfocus.com/bid/5238 | Exploit |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-12-31 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2002-2165
Mitre link : CVE-2002-2165
CVE.ORG link : CVE-2002-2165
JSON object : View
Products Affected
imho
- imho_webmail
CWE