Vulnerabilities > Transware > Active Mail > 2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-12-17 | CVE-2009-4354 | Credentials Management vulnerability in Transware Active! Mail 1.422/2.0 TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not properly secure the session ID in a session cookie, which allows remote attackers to hijack web sessions, probably related to the "secure" flag for cookies in SSL sessions. | 5.8 |
2002-10-04 | CVE-2002-0950 | HTML Injection vulnerability in TransWare Active Mail 1.422/2.0 Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | 7.5 |