High severity7.5NVD Advisory· Published Dec 31, 2001· Updated Jun 16, 2026
CVE-2001-1537
CVE-2001-1537
Description
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.
Affected products
2- Range: <=2.7.4
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/3591nvdBroken LinkThird Party AdvisoryVDB Entry
- archives.neohapsis.com/archives/bugtraq/2001-11/0245.htmlnvdBroken Link
- www.iss.net/security_center/static/7619.phpnvdBroken Link
News mentions
0No linked articles in our index yet.