Lucene search
@huntrdevCVELIST:CVE-2023-5866HistoryOct 31, 2023 - 12:00 a.m.
CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
2023-10-3100:00:42
CWE-614
@huntrdev
www.cve.org
cookie
https
session
github repository
thorsten/phpmyfaq
security vulnerability
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
18.3%
Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.
CNA Affected
[
{
"vendor": "thorsten",
"product": "thorsten/phpmyfaq",
"versions": [
{
"version": "unspecified",
"lessThan": "3.2.1",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-5866
2023-10-31 01:15:07
cnvd
cnvd
phpMyFAQ Information Disclosure Vulnerability
2023-11-02 00:00:00
github
github
osv
osv
Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq
2023-10-31 03:31:22
CVE-2023-5866
2023-10-31 01:15:07
veracode
veracode
Insecure Session Management
2023-11-01 14:47:44
nvd
nvd
CVE-2023-5866
2023-10-31 01:15:07
huntr
huntr
Cookie without Secure flag
2023-09-08 14:10:50
prion
prion
Session fixation
2023-10-31 01:15:00
openvas
openvas
phpMyFAQ < 3.2.1 Multiple Vulnerabilities
2023-11-02 00:00:00
6.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
18.3%
Related for CVELIST:CVE-2023-5866