Description
The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.
CVE vulnerabilities with CWE-565 (81)
10.0
CVSS
CRITICAL
CVE-2023-45128
pub. 2023-10-16
10.0
CVSS
CRITICAL
CVE-2023-41084
pub. 2023-09-18
9.8
CVSS
CRITICAL
CVE-2014-125112
pub. 2026-03-26
9.8
CVSS
CRITICAL
CVE-2025-65212
pub. 2026-01-06
9.8
CVSS
CRITICAL
CVE-2025-14440
pub. 2025-12-13
9.8
CVSS
CRITICAL
CVE-2025-2395
pub. 2025-03-17
9.8
CVSS
CRITICAL
CVE-2024-0947
pub. 2024-06-27
9.8
CVSS
CRITICAL
CVE-2024-28288
pub. 2024-03-30
9.8
CVSS
CRITICAL
CVE-2023-35885
pub. 2023-06-20
9.8
CVSS
CRITICAL
CVE-2023-3050
pub. 2023-06-13
9.8
CVSS
CRITICAL
CVE-2022-38297
pub. 2022-09-12
9.8
CVSS
CRITICAL
CVE-2021-28171
pub. 2021-04-06
9.8
CVSS
CRITICAL
CVE-2019-7266
pub. 2019-07-02
9.8
CVSS
CRITICAL
CVE-2018-20512
pub. 2019-01-03
9.8
CVSS
CRITICAL
CVE-2018-5190
pub. 2018-04-17
9.8
CVSS
CRITICAL
CVE-2018-5455
pub. 2018-03-05
9.8
CVSS
CRITICAL
CVE-2017-7279
pub. 2017-04-12
9.8
CVSS
CRITICAL
CVE-2008-5784
pub. 2008-12-31
9.6
CVSS
CRITICAL
CVE-2023-32725
pub. 2023-12-18
9.3
CVSS
CRITICAL
CVE-2026-39324
pub. 2026-04-07
Showing 20 of 81 vulnerabilities