CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1537
https://notcve.org/view.php?id=CVE-2001-1537
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2001-11/0245.html http://www.iss.net/security_center/static/7619.php http://www.securityfocus.com/bid/3591 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1361
https://notcve.org/view.php?id=CVE-2001-1361
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. • http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0005.html http://twig.screwdriver.net/file.php3?file=CHANGELOG •