noVNC 'include/webutil.js' session hijacking vulnerability
NOVNC is a VNC client , using HTML 5 WebSockets, Canvas and JavaScript technology . A session hijacking vulnerability exists in noVNC 'include/webutil.js', which allows attackers to exploit the vulnerability to gain unauthorized access to the application...