Lucene search
Veracode Vulnerability DatabaseVERACODE:27666HistoryOct 25, 2020 - 12:38 p.m.
Cross-site Session Transfer
2020-10-2512:38:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
cross-site session transfer
web server
session cookie
EPSS
0.001
Percentile
35.6%
mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site.
Related
debiancve
debiancve
CVE-2017-6807
2017-03-13 14:59:00
ubuntucve
ubuntucve
CVE-2017-6807
2017-03-13 00:00:00
nessus
nessus
Amazon Linux AMI : mod_auth_mellon / mod24_auth_mellon (ALAS-2018-968)
2018-03-09 00:00:00
EulerOS 2.0 SP3 : mod_auth_mellon (EulerOS-SA-2019-2632)
2019-12-18 00:00:00
EulerOS 2.0 SP2 : mod_auth_mellon (EulerOS-SA-2019-2388)
2019-12-10 00:00:00
prion
prion
Cross site scripting
2017-03-13 14:59:00
amazon
amazon
Medium: mod_auth_mellon, mod24_auth_mellon
2018-03-07 21:37:00
cvelist
cvelist
CVE-2017-6807
2017-03-13 14:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for mod_auth_mellon (EulerOS-SA-2019-2632)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-4597-1)
2020-10-23 00:00:00
Huawei EulerOS: Security Advisory for mod_auth_mellon (EulerOS-SA-2019-2388)
2020-01-23 00:00:00
osv
osv
CVE-2017-6807
2017-03-13 14:59:00
libapache2-mod-auth-mellon vulnerabilities
2020-10-22 12:47:17
cve
cve
CVE-2017-6807
2017-03-13 14:59:00
nvd
nvd
CVE-2017-6807
2017-03-13 14:59:00
redhatcve
redhatcve
CVE-2017-6807
2017-03-13 15:18:11
ubuntu
ubuntu
mod_auth_mellon vulnerabilities
2020-10-22 00:00:00