Information Disclosure: Remote Viewing of Other Users' Attachments in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and Possibly Other Versions
CVE-2004-1672 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request.
Learn more about our Web App Pen Testing.