22/3/2023
his vulnerability allows remote attackers to send a specially crafted email to a vulnerable system, and without the end user needing to have any interaction with the malicious email (i.e., open or click), information about the user login details can be retrieved. This information could be used to authenticate into other systems, impersonating the user. This vulnerability has been actively exploited by cyber criminals and poses a serious risk, rated 9.8 on the Common Vulnerability Scoring System (a 1 to 10 scale based on severity).
