Описание
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
5.8 Medium
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
Session fixation on password protected public links in the ownCloud Se ...
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.
5.8 Medium
CVSS2
5.4 Medium
CVSS3