Описание
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.1.6+dfsg-2 |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | not-affected | 1.1.6+dfsg-2 |
| karmic | not-affected | 1.1.6+dfsg-2 |
| lucid | not-affected | 1.1.6+dfsg-2 |
| maverick | not-affected | 1.1.6+dfsg-2 |
| natty | not-affected | 1.1.6+dfsg-2 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 77%
0.01112
Низкий
7.5 High
CVSS2
Связанные уязвимости
redhat
почти 17 лет назад
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
nvd
почти 17 лет назад
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
debian
почти 17 лет назад
Mantis before 1.1.3 does not unset the session cookie during logout, w ...
github
больше 3 лет назад
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
EPSS
Процентиль: 77%
0.01112
Низкий
7.5 High
CVSS2