4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
30.3%
Jan Kundrát reports:
An SSL stripping vulnerability was discovered in Trojitá, a fast Qt
IMAP e-mail client. User’s credentials are never leaked, but if a
user tries to send an e-mail, the automatic saving into the “sent”
or “draft” folders could happen over a plaintext connection even if
the user’s preferences specify STARTTLS as a requirement.