Описание
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: before 3.1.5.
EPSS
Процентиль: 32%
0.00122
Низкий
7.6 High
CVSS3
Дефекты
CWE-359
Связанные уязвимости
CVSS3: 7.6
github
11 месяцев назад
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: through 05.03.2025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
EPSS
Процентиль: 32%
0.00122
Низкий
7.6 High
CVSS3
Дефекты
CWE-359