VYPR
High severity7.5NVD Advisory· Published Dec 31, 2001· Updated Jun 16, 2026

CVE-2001-1537

CVE-2001-1537

Description

The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.