exploitDog

GHSA-cg3q-59w7-rvc2

Published: 29 Sep 2021
Source: github
GitHub: Reviewed
CVSS3: 6.3

Description

Reliance on Cookies without Validation and Integrity Checking in getgrav/grav

grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking. A cookie with an overly broad path can be accessed through other applications on the same domain. Since cookies often carry sensitive information such as session identifiers, sharing cookies across applications can allow a vulnerability in one application to cause a compromise in another.

Packages

Name: getgrav/grav (composer)
Affected versions: < 1.7.21
Fixed version: 1.7.21

EPSS

Percentile: 52%
0.00294
Low

6.3 Medium

CVSS3

Weaknesses

CWE-565

Related vulnerabilities

CVSS3: 5.3
nvd
more than 4 years ago

grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
