CVE-2000-0716

Published: Jan 22, 2001

Modified: Aug 8, 2024

PUBLISHED

Description

WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1553

vdb-entry

x_refsource_BID

mdaemon-session-id-hijack(5070)

vdb-entry

x_refsource_XF

20000809 Session hijacking in Alt-N's MDaemon 2.8

mailing-list

x_refsource_NTBUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2000-0716

Description

Affected Products

References