CommuniGate Pro Webmail Session Hijacking Vulnerability

CommuniGate Pro Webmail has been reported prone to a session hijacking vulnerability. The vulnerability presents itself when the victim views an image or similar resource embedded in a HTML web-mail.

The attacker may intercept the HTTP header and extract URL data contained within. The attacker may use this data, within a certain time frame, to hijack the current user session.


 

Privacy Statement
Copyright 2010, SecurityFocus