4 matches found
CVE-2024-56733
creationtimestamp| type| source ---|---|--- 2024-12-30 16:48:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113742795180540697 2024-12-30 19:18:33+00:00| seen| https://t.me/cvedetector/13941...
CVE-2024-56733 Password Pusher Allows Session Token Interception Leading to Potential Hijacking
Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although the session token ...
CVE-2024-56733 Password Pusher Allows Session Token Interception Leading to Potential Hijacking
Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although the session token ...
CVE-2024-56733
CVE-2024-56733 affects Password Pusher (versions ≤ 1.50.3). A vulnerability allows an attacker to copy the session cookie before logout, potentially enabling session hijacking until the token expires or is cleared. Root cause centers on accessing an active session cookie (e.g., MITM, XSS, or loca...