2 matches found
Cookie Poisoning
Quarkus-HTTP is vulnerable to Cookie Poisoning. The vulnerability is due to improper parsing of cookies with specific value-delimiting characters, allowing attackers to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values...
Ubuntu 14.04 LTS / 16.04 LTS : Django vulnerability (USN-3089-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3089-1 advisory. Sergey Bobrov discovered that Django incorrectly parsed cookies when being used with Google Analytics. A remote attacker could possibly use this issue...