Vulnerabilities > Joruri > Joruri Mail > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-05 | CVE-2019-5966 | Authorization Bypass Through User-Controlled Key vulnerability in Joruri Mail 2.1.4 Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors. | 5.4 |
| 2019-07-05 | CVE-2019-5965 | Open Redirect vulnerability in Joruri Mail 2.1.4 Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |