Описание
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:claroline:claroline:1.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01089
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
EPSS
Процентиль: 78%
0.01089
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other