Stalker: >> Communigate Pro >> 3.3.2 Security Vulnerabilities
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
CVSS Score
5.8
EPSS Score
0.026
Published
2003-12-31
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
CVSS Score
5.0
EPSS Score
0.041
Published
2000-12-11