Pegasus Mail <= 3.12c mailto: Embedded URL File Forwarding Weakness
Medium Nessus Network Monitor Plugin ID 1302
SynopsisThe remote host may be tricked into uploading confidential files to a malicious webserver.
DescriptionThe remote host is running the Pegasus 3.12c mail client. This version contains a vulnerability whereby a malicious website operator may be able to obtain copies of known files on a remote system if a website visitor is running the 3.12c version of the Pegasus client.
SolutionUpgrade to the latest version of Pegasus.