A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XExrick Xboot
APPExrick≤ 3.3.4
Related vulnerabilities
A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an ...
A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability af...
A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some ...
Obejście uwierzytelnienia w Exrick Xmall v1.1 poprzez crafted GET request
Eskalacja uprawnień w Exrick Xmall przez metodę updateAddress