exploitDog

GHSA-r568-9m64-gfrv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure.

SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure.

Ссылки

EPSS

Процентиль: 26%

0.00092

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-613

Связанные уязвимости

CVE-2020-6178

CVSS3: 5.4

nvd

почти 6 лет назад

SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure.

EPSS

Процентиль: 26%

0.00092

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-613