EUVD-2024-3188

Malicious code in bioql PyPI...

CVE-2024-11023

Firebase JavaScript SDK utilizes a "FIREBASEDEFAULTS" cookie to store configuration data, including an "authTokenSyncURL" field used for session synchronization. If this cookie field is preset via an attacker by any other method, the attacker can manipulate the "authTokenSyncURL" to point to thei...

CVE-2024-11023

Firebase JavaScript SDK stores configuration data in a FIREBASE_DEFAULTS cookie, including an _authTokenSyncURL field. Connected sources describe that if an attacker can preset or modify this cookie, they can redirect the token sync URL to a malicious server and capture user session data transmit...

CVE-2024-11023 Session Hijacking in Firebase JavaScript SDK

Firebase JavaScript SDK utilizes a "FIREBASEDEFAULTS" cookie to store configuration data, including an "authTokenSyncURL" field used for session synchronization. If this cookie field is preset via an attacker by any other method, the attacker can manipulate the "authTokenSyncURL" to point to thei...

Google Firebase Js Sdk 安全漏洞

Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...