Описание
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
Ссылки
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
Session fixation on password protected public links in the ownCloud Se ...
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
EPSS
5.4 Medium
CVSS3
5.8 Medium
CVSS2