Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-6144

Disclosure Date: November 21, 2023 (last updated November 30, 2023)
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0