exploitDog

GHSA-6q4p-cfxj-gj9f

Опубликовано: 30 апр. 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.

Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.

Ссылки

EPSS

Процентиль: 93%

0.10363

Средний

CVE ID

Связанные уязвимости

CVE-2001-0857

nvd

около 24 лет назад

Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.

EPSS

Процентиль: 93%

0.10363

Средний

CVE ID