0.001 Low
EPSS
Percentile
41.8%
A man-in-the-middle can inject cleartext forged responses to future encrypted commands by pipelining them to the STARTTLS response.
Use the attached test case within the curl test system. It is based on IMAP FETCH with explicit TLS. Upon test failure, the downloaded file contains โYouโve been hacked!โ rather than the requested mail.
Mailbox content forgery (IMAP, POP3).
Sent mail content forgery (SMTP).
0.001 Low
EPSS
Percentile
41.8%