CVE-2026-9592
SEPPmail Secure Email Gateway & SEPPmail Cloud prior to 15.0.4.2 are vulnerable. The issue arises because the session token is disclosed in the URL and an HTTP header within the GINA web portal, allowing an attacker to replay and hijack a user session. Affected component: GINA web portal session ...