Lucene search
@huntrdevVULNRICHMENT:CVE-2023-5866HistoryOct 31, 2023 - 12:00 a.m.
CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
2023-10-3100:00:42
CWE-614
@huntrdev
github.com
sensitive cookie
https session
secure attribute
github repository
cve-2023-5866
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
6.7
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.
Related
cve
cve
CVE-2023-5866
2023-10-31 01:15:07
cnvd
cnvd
phpMyFAQ Information Disclosure Vulnerability
2023-11-02 00:00:00
github
github
prion
prion
Session fixation
2023-10-31 01:15:00
cvelist
cvelist
huntr
huntr
Cookie without Secure flag
2023-09-08 14:10:50
osv
osv
CVE-2023-5866
2023-10-31 01:15:07
veracode
veracode
Insecure Session Management
2023-11-01 14:47:44
nvd
nvd
CVE-2023-5866
2023-10-31 01:15:07
openvas
openvas
phpMyFAQ < 3.2.1 Multiple Vulnerabilities
2023-11-02 00:00:00
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
6.7
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-5866