2 matches found
CVE-2020-13229
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token...
CVE-2020-13229
Sysax Multi Server 6.90 is affected by CVE-2020-13229, where an attacker can hijack a session by observing the sid authentication token in any /scgi URI. The vulnerability directly exposes session confidentiality and integrity, as the sid value acts as an authentication token. NVD reports CVSS v3...