CVE-2001-1532

2005-07-1404:00:00

mitre

www.cve.org

webx

authentication info

http_referer

session hijack

AI Score

6.6

Confidence

Low

EPSS

0.005

Percentile

77.7%

JSON

WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions.

References

www.iss.net/security_center/static/7458.php

www.securityfocus.com/archive/1/223799