EUVD-2019-15533

Malware in sbrugna...

EUVD-2019-15534

Malware in sbrugna...

CVE-2019-5965

Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2019-5966

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors...

CVE-2019-5965

Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2019-5965

Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2019-5966

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors...

Open redirect

Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

Information disclosure

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors...

CVE-2019-5965

Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2019-5965

The vulnerability CVE-2019-5965 is an Open Redirect in Joruri Mail ≤2.1.4 (CWE-601). A remote attacker can redirect users to arbitrary sites, enabling phishing via crafted pages. Affected product: Joruri Mail 2.1.4 and earlier. Root cause: improper handling of redirects. Impact: user phishing ris...

CVE-2019-5966

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors...

CVE-2019-5966

CVE-2019-5966 affects Joruri Mail 2.1.4 and earlier. The issue is due to improper session management, enabling a remote attacker to impersonate an arbitrary user and alter/disclose information. The Red Hat/NVD entries confirm the impact; affected versions are 2.1.4 and earlier. Remediation advise...

Joruri Mail Input Validation Error Vulnerability

Joruri Mail is a set of IMAP e-mail client software written using Ruby/Rails . An input validation error vulnerability exists in Joruri Mail 2.1.4 and prior versions, which arises from a network system or product that does not properly validate incoming data and can be exploited by a remote...

Multiple vulnerabilities in Joruri Mail

Overview Joruri Mail provided by SiteBridge Inc. contains multiple vulnerabilities listed below. Open Redirect CWE-601 - CVE-2019-5965 Session Management CWE-639 - CVE-2019-5966 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

JVN#58052567: Multiple vulnerabilities in Joruri Mail

Joruri Mail provided by SiteBridge Inc. contains multiple vulnerabilities listed below. Open Redirect CWE-601 - CVE-2019-5965 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Session...

Joruri Mail Authorization Issues Vulnerability

Joruri Mail is a set of IMAP e-mail client software written using Ruby/Rails . A security vulnerability exists in Joruri Mail 2.1.4 and earlier versions. An attacker can exploit this vulnerability to spoof arbitrary users and modify or disclose information...