VULHUB ™

Cyclonic webmail has been reported prone to an information disclosure vulnerability. It has been reported that user data is stored in the /users/ folder. When a user views an email with the Cyclonic webmail interface, the content of the email and any attachments of the email is stored in an insecure location. This procedure may result in the contents of the insecure directory being exposed to the public, via web requests, allowing a malicious attacker to potentially request and view sensitive email content.

Cyclonic webmail has been reported prone to an information disclosure vulnerability. It has been reported that user data is stored in the /users/ folder. When a user views an email with the Cyclonic webmail interface, the content of the email and any attachments of the email is stored in an insecure location. This procedure may result in the contents of the insecure directory being exposed to the public, via web requests, allowing a malicious attacker to potentially request and view sensitive email content.