2 matches found
SoftCOM iKSORIS 授权问题漏洞
SoftCOM iKSORIS is an application from SoftCOM, Inc. An authorization issue vulnerability exists in SoftCOM iKSORIS versions prior to 79.0 that stems from allowing arbitrary session cookie values to be set, which could lead to account hijacking...
Design/Logic Flaw
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a sessio...