CVE-2024-5996

Опубликовано: 14 июн. 2024

Источник: nvd

Описание

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Связанные уязвимости

GHSA-pmwg-qm4w-3cmq

CVSS3: 8.8

github

больше 1 года назад

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the packets, they can obtain the plaintext session information and use it to log into the system.