4 matches found
CVE-2020-35591
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the...
CVE-2020-35591
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the...
CVE-2020-35591
Pi-hole 5.0, 5.1, and 5.1.1 are affected by a session fixation vulnerability. The issue arises because the application does not generate a new session cookie after login, allowing a malicious user to forge a new session cookie value and gain access to a victim’s account after they log in. Connect...
Pi-hole Web Interface < 5.4 Multiple Vulnerabilities
The Pi-hole Web Interface previously AdminLTE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...