Описание
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
EPSS
Процентиль: 56%
0.00337
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
nvd
больше 5 лет назад
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.
EPSS
Процентиль: 56%
0.00337
Низкий