PT-2020-7457 · Unknown · Projectpier

Published

2020-02-07

Updated

2020-05-06

CVE-2013-3636

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: ProjectPier version 0.8.8

Description: The issue is related to a Remote Information Disclosure Weakness due to the lack of the HttpOnly cookie flag.

Recommendations: For ProjectPier version 0.8.8, consider setting the HttpOnly cookie flag to mitigate the risk of information disclosure.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2013-3636

Projectpier