xboot <=3.3.4 User's Sensitive Information is included in Cookies정보

제목	Exrick https://github.com/Exrick/xboot <=3.3.4 User's Sensitive Information is included in Cookies
설명	In the latest version (v3.3.4) of xboot, there are security flaws in the cookie design. Sensitive user information including uid, username, nickname, mobile, email, address, sex, avatar URL, and birthday are all stored in cookies. If these cookies are compromised, attackers can leverage this information to launch more sophisticated attacks such as brute force attacks, social engineering, and phishing.
원천	⚠️ https://github.com/Exrick/xboot/issues/69
사용자	ZAST.AI (UID 87884)
제출	2025. 07. 25. AM 03:24 (9 개월 ago)
모더레이션	2025. 08. 04. AM 08:51 (10 days later)
상태	수락
VulDB 항목	318654 [Exrick xboot 까지 3.3.4 getMenuList 정보 공개]
포인트들	19

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!