CVE-2020-14017

CVE-2020-14017

An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing sessions, or view the contents of this file to discover details about a session.

Source: CVE-2020-14017

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다