Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2010-0464 - Vulnerability Database
Roundcube

Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2010-0464

Medium
Reference: CVE-2010-0464
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-0464
Title: Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.