CVE-2023-6144 in Dev Bloginfo

Zusammenfassung

von MITRE • 21.11.2023

Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Zuständig

Fluid Attacks

Reservieren

14.11.2023

Veröffentlichung

21.11.2023

Moderieren

akzeptiert

Eintrag

VDB-245866

CPE

bereit

EPSS

0.00448

KEV

nein

Aktivitäten

very low

Sektor

Education

Quellen

Do you know our Splunk app?

Download it now for free!