CVE-2003-1481 — MEDIUM severity vulnerability (CommuniGate Pro 3.1 through 4.0.6 sends the session ID in th)
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
| CVE ID | CVE-2003-1481 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.8 |
| CVSS vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
| CWE | CWE-200 |
| Status | Modified |
| Published | 2003-12-31 |
| Last modified | 2026-04-16 |
| Description | CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →