CVE-2012-2731

Name of the Vulnerable Software and Affected Versions Ubercart AJAX Cart versions 6.x-2.x before 6.x-2.1

Description The issue allows remote attackers to potentially obtain sensitive information by sniffing or reading the cache of the HTML of a webpage, as the PHP session id is stored in the JavaScript settings array in page loads.

Recommendations For Ubercart AJAX Cart versions 6.x-2.x before 6.x-2.1, update to version 6.x-2.1 or later to resolve the issue.