Описание
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| octoprint | itp | package |
EPSS
Процентиль: 14%
0.00047
Низкий
Связанные уязвимости
CVSS3: 4.4
nvd
больше 3 лет назад
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
CVSS3: 4.4
github
больше 3 лет назад
OctoPrint vulnerable to Insufficient Session Expiration.
EPSS
Процентиль: 14%
0.00047
Низкий