Описание
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 3.0 (включая)
Одно из
cpe:2.3:a:apple:xcode:1.5:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode:2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:2.5:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00475
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
EPSS
Процентиль: 64%
0.00475
Низкий
5 Medium
CVSS2
Дефекты
CWE-200