Lucene search

K
cvelistRedhatCVELIST:CVE-2011-1491
HistoryApr 08, 2011 - 3:00 p.m.

CVE-2011-1491

2011-04-0815:00:00
redhat
www.cve.org

5.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.5%

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker’s account and then compose an e-mail message, related to a β€œlogin CSRF” issue.

5.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.5%