6 matches found
EUVD-2025-3686
Malicious code in bioql PyPI...
EUVD-2025-7643
Malicious code in bioql PyPI...
CVE-2025-24387
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...
CVE-2025-24387 Missing CSRF protection
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...
CVE-2025-24390 Missing Cookie Flags
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...
CVE-2025-24390
The CVE-2025-24390 issue affects OTRS Application Server and reverse proxy configurations, enabling session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. Affected: OTRS 7.0.X, 8.0.X, 2023.X, 2024.X. Root cause: incomplete cookie security attributes in HTTPS ...