CVE-2000-0716

2000-10-20T04:00:00
ID CVE-2000-0716
Type cve
Reporter cve@mitre.org
Modified 2017-10-10T01:29:00

Description

WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.