CVE-2001-1536

Опубликовано: 31 дек. 2001

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.

Ссылки

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html
Broken Link
http://www.iss.net/security_center/static/7621.php
Broken Link
http://www.securityfocus.com/bid/3587
Broken Link
Third Party Advisory
VDB Entry
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html
Broken Link
http://www.iss.net/security_center/static/7621.php
Broken Link
http://www.securityfocus.com/bid/3587
Broken Link
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:audiogalaxy:audiogalaxy:-:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00765

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-gqm3-6h45-q66x