2006-05-17 10:00:00
mitre
PUBLISHED
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the senders e-mail address as an "additional contact".