Vulnerabilities > CVE-2019-5966 - Authorization Bypass Through User-Controlled Key vulnerability in Joruri Mail 2.1.4

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Joruri
1