Описание
The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.
Ссылки
- Patch
- Vendor Advisory
- Exploit
- Patch
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4.0:*:*:*:*:*:*:*
cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00686
Низкий
7.5 High
CVSS2
Дефекты
CWE-255
Связанные уязвимости
debian
почти 16 лет назад
The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does ...
github
почти 4 года назад
The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.
EPSS
Процентиль: 71%
0.00686
Низкий
7.5 High
CVSS2
Дефекты
CWE-255