CVE-2002-2410
CVE-2002-2410 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information.
Learn more about our Web App Pen Testing.