PT-2023-32385 · Phpmyfaq · Phpmyfaq

Publicado

2023-10-31

·

Atualizado

2023-11-08

·

CVE-2023-5866

CVSS v3.1

6.3

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions phpmyfaq versions prior to 3.2.1
Description The issue concerns a sensitive cookie in an HTTPS session that lacks the 'Secure' attribute. This could potentially allow unauthorized access to session data.
Recommendations For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-614

Identificadores relacionados

CVE-2023-5866
GHSA-34W4-WRQP-J47G

Produtos afetados

Phpmyfaq