NVD
- Id
- 8423
- Name
- CVE-2011-1491
- Description
- The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker"s account and then compose an e-mail message, related to a "login CSRF" issue.
- Reject
- CVSS Version
- 2
- CVSS Score
- 3.5
- Severity
- Low
- CVSS Base Score
- 3.5
- CVSS Impact Subscore
- 2.9
- CVSS Exploit Subscore
- 6.8
- CVSS Vector
- (AV:N/AC:M/Au:S/C:P/I:N/A:N)
- Pub Date
- 2017-01-07
- Published
- 2011-04-08
- Modified Date
- 2011-04-20
- Seq
- 2011-1491