exploitDog

GHSA-xxrc-mppm-r6mw

Опубликовано: 26 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application.

SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application.

Ссылки

EPSS

Процентиль: 52%

0.00292

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2022-25590

CVSS3: 6.5

nvd

около 3 лет назад

SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application.

EPSS

Процентиль: 52%

0.00292

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-613