Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-32777
HistoryAug 22, 2022 - 7:15 p.m.

Information disclosure

2022-08-2219:15:00
PRIOn knowledge base
www.prio-n.com
1

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the session cookie to be leaked over non-HTTPS connections. This could allow an attacker to steal the session cookie via crafted HTTP requests.This vulnerabilty is for the session cookie which can be leaked via JavaScript.

CPENameOperatorVersion
avideoeq11.6

Related

osv 1
cvelist 1
cve 1
nvd 1
talos 1
talosblog 1
osv
osv
CVE-2022-32777
2022-08-22 19:15:10
cvelist
cvelist
CVE-2022-32777
2022-08-16 00:00:00
cve
cve
CVE-2022-32777
2022-08-22 19:15:10
nvd
nvd
CVE-2022-32777
2022-08-22 19:15:10
talos
talos
WWBN AVideo cookie information disclosure vulnerability
2022-08-16 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Vulnerabilities in WWBN AVideo web app could lead to command injection, authentication bypass
2022-08-16 15:54:00

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON
Related for PRION:CVE-2022-32777
osv1cvelist1cve1nvd1talos1talosblog1