CVE-2000-0716 — LOW severity vulnerability (WorldClient email client in MDaemon 2.8 includes the session)
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
| CVE ID | CVE-2000-0716 |
|---|---|
| Severity | LOW |
| CVSS score | 2.6 |
| CVSS vector | AV:N/AC:H/Au:N/C:P/I:N/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2000-10-20 |
| Last modified | 2026-04-16 |
| Description | WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →