xboot <=3.3.4 User's Sensitive Information is included in Cookiesinformação

Título	Exrick https://github.com/Exrick/xboot <=3.3.4 User's Sensitive Information is included in Cookies
Descrição	In the latest version (v3.3.4) of xboot, there are security flaws in the cookie design. Sensitive user information including uid, username, nickname, mobile, email, address, sex, avatar URL, and birthday are all stored in cookies. If these cookies are compromised, attackers can leverage this information to launch more sophisticated attacks such as brute force attacks, social engineering, and phishing.
Fonte	⚠️ https://github.com/Exrick/xboot/issues/69
Utilizador	ZAST.AI (UID 87884)
Submissão	25/07/2025 03h24 (há 9 meses)
Moderação	04/08/2025 08h51 (10 days later)
Estado	Aceite
Entrada VulDB	318654 [Exrick xboot até 3.3.4 getMenuList Divulgação de Informação]
Pontos	19

Might our Artificial Intelligence support you?

Check our Alexa App!