| tiêu đề | Exrick https://github.com/Exrick/xboot <=3.3.4 User's Sensitive Information is included in Cookies |
|---|
| Mô tả | In the latest version (v3.3.4) of xboot, there are security flaws in the cookie design. Sensitive user information including uid, username, nickname, mobile, email, address, sex, avatar URL, and birthday are all stored in cookies. If these cookies are compromised, attackers can leverage this information to launch more sophisticated attacks such as brute force attacks, social engineering, and phishing. |
|---|
| Nguồn | ⚠️ https://github.com/Exrick/xboot/issues/69 |
|---|
| Người dùng | ZAST.AI (UID 87884) |
|---|
| Đệ trình | 25/07/2025 03:24 (cách đây 9 các tháng) |
|---|
| Kiểm duyệt | 04/08/2025 08:51 (10 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 318654 [Exrick xboot đến 3.3.4 getMenuList tiết lộ thông tin] |
|---|
| điểm | 19 |
|---|