Описание
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave feature to capture user passwords during man-in-the-middle attacks on HTTP communications.
Ссылки
EPSS
Процентиль: 20%
0.00065
Низкий
7.5 High
CVSS3
Дефекты
CWE-319
Связанные уязвимости
CVSS3: 7.5
github
около 1 месяца назад
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave feature to capture user passwords during man-in-the-middle attacks on HTTP communications.
EPSS
Процентиль: 20%
0.00065
Низкий
7.5 High
CVSS3
Дефекты
CWE-319