CommuniGate Pro 3.1 up to and including 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote malicious users to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stalker communigate pro 3.1 |
||
stalker communigate pro 3.2.4 |
||
stalker communigate pro 4.0.2 |
||
stalker communigate pro 3.2_b5 |
||
stalker communigate pro 3.2_b7 |
||
stalker communigate pro 4.0.6 |
||
stalker communigate pro 4.0_b2 |
||
stalker communigate pro 4.0.3 |
||
stalker communigate pro 3.3_b2 |
||
stalker communigate pro 3.4_b3 |
||
stalker communigate pro 4.0.1 |
||
stalker communigate pro 3.3.2 |
||
stalker communigate pro 3.3_b1 |
||
stalker communigate pro 4.0_b3 |