CVE-2026-9592
Sensitive Information Disclosure in HTTP header
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
SEPPmail Secure Email Gateway & SEPPmail Cloud before version 15.0.4.2 allows an attacker to replay & hijack a user session in the GINA web portal, as the session token is disclosed inside the URL and a HTTP header.
| CWE | CWE-598 |
| Vendor | seppmail |
| Product | seppmail secure email gateway & seppmail cloud |
| Published | Jul 17, 2026 |
| Last Updated | Jul 17, 2026 |
Stay Ahead of the Next One
Get instant alerts for seppmail seppmail secure email gateway & seppmail cloud
Be the first to know when new unknown vulnerabilities affecting seppmail seppmail secure email gateway & seppmail cloud are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
SEPPmail / SEPPmail Secure Email Gateway & SEPPmail Cloud
All versions affected References
Credits
Aleksandar Marčeta-Pavlović from WKO Inhouse GmbH of the Austrian Economic Chambers