CVE-2003-1481 Information

Description

CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.

Reference

http://securityreason.com/securityalert/3290 http://www.securityfocus.com/archive/1/320438 http://www.securityfocus.com/bid/7501 https://exchange.xforce.ibmcloud.com/vulnerabilities/11932