Описание
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.
EPSS
Процентиль: 63%
0.00456
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
около 6 лет назад
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.
CVSS3: 6.1
debian
около 6 лет назад
The session.lua library in CGILua 5.1.x uses the same ID for each sess ...
EPSS
Процентиль: 63%
0.00456
Низкий