Lucene search
HistoryOct 31, 2023 - 1:15 a.m.
CVE-2023-5866
cookie security
https
github
repository
cve-2023-5866
5.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
0.0005 Low
EPSS
Percentile
18.3%
Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.
Affected configurations
Node
phpmyfaqphpmyfaqRange<3.2.1
Related
cve
cve
CVE-2023-5866
2023-10-31 01:15:07
cnvd
cnvd
phpMyFAQ Information Disclosure Vulnerability
2023-11-02 00:00:00
github
github
osv
osv
Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq
2023-10-31 03:31:22
CVE-2023-5866
2023-10-31 01:15:07
veracode
veracode
Insecure Session Management
2023-11-01 14:47:44
huntr
huntr
Cookie without Secure flag
2023-09-08 14:10:50
prion
prion
Session fixation
2023-10-31 01:15:00
cvelist
cvelist
openvas
openvas
phpMyFAQ < 3.2.1 Multiple Vulnerabilities
2023-11-02 00:00:00
5.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
0.0005 Low
EPSS
Percentile
18.3%
Related for NVD:CVE-2023-5866