Roundcube Improper Input Validation Vulnerability - CVE-2011-1491

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker39s account and then compose an e-mail message related to a quotlogin CSRFquot issue.