2 matches found
CVE-2019-5647 Rapid7 AppSpider Chrome Plugin Insufficient Session Expiration
The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser. This behavior could make future session hijacking attempts easier, since the user could believe a session was closed when it was not. This issue...
CVE-2019-5647
The CVE-2019-5647 issue affects the Chrome Plugin for Rapid7 AppSpider, where browser sessions can remain active after recording a macro and even after Chrome restarts. Affected product: Rapid7 AppSpider Chrome Plugin (versions up to 3.8.213). Root cause: sessions not expired as expected, enablin...