Thanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:HSocomec Modulys Gp
HWSocomecwszystkie wersjeSocomec Modulys Gp Firmware
OSSocomec01.12.10
Powiązane podatności
Session management within the web application is incorrect and allows attackers to steal session co...
The web application that owns the device clearly stores the credentials within the user managem...
The absence of filters when loading some sections in the web application of the vulnerable device...
Sending some requests in the web application of the vulnerable device allows information to be obtained due to...
A potential attacker with or without (cookie theft) access to the device would be able to inc...