5 matches found
Unspecified Vulnerability in Citadel WebCit
WebCit is the Citadel Servlet engine. A security vulnerability exists in Citadel WebCit 926 and earlier versions. A remote authentication attacker can exploit this vulnerability to read someone's email via the msgconfirmmove template...
Citadel WebCit User Enumeration Vulnerability
WebCit is the Citadel Servlet engine. A user enumeration vulnerability exists in Citadel WebCit 926 and earlier versions. A remote, unauthenticated attacker could exploit this vulnerability to enumerate valid users within the platform to obtain sensitive information...
UBUNTU-CVE-2020-27742
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msgconfirmmove template. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" threa...
UBUNTU-CVE-2020-27741
Multiple cross-site scripting XSS vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...
UBUNTU-CVE-2020-27740
Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...