3 matches found
CVE-2020-29547
An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure...
CVE-2020-29547
An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure...
CVE-2020-29547
Citadel through webcit-926 (CVE-2020-29547) is affected. The vulnerability lets Meddler-in-the-middle attackers inject cleartext commands into an encrypted user session after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS, potentially leading to credential disclosure. Connected sources corroborate th...