exploitDog

GHSA-66vr-9fmp-3692

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag on session cookies, allowing the cookie to be sent over cleartext channels.

MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag on session cookies, allowing the cookie to be sent over cleartext channels.

Ссылки

EPSS

Процентиль: 40%

0.00183

Низкий

CVE ID

Связанные уязвимости

CVE-2019-19739

CVSS3: 7.5

nvd

около 6 лет назад

MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag on session cookies, allowing the cookie to be sent over cleartext channels.

EPSS

Процентиль: 40%

0.00183

Низкий

CVE ID