hoteldruid has insecure session token. The vulnerability exists due to an exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id’s.
CPE | Name | Operator | Version |
---|---|---|---|
hoteldruid:sid | eq | 3.0.1-1 | |
hoteldruid:sid | eq | 3.0.1-1 |