CVE-2001-1536

2022-10-0316:22:34

mitre

www.cve.org

autogalaxy

cleartext

unauthorized access

sniffing

cross-site scripting

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.8%

JSON

Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.

References

www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html

www.iss.net/security_center/static/7621.php

www.securityfocus.com/bid/3587