Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb: before v17.0.68.
References
Link | Resource |
---|---|
https://www.usom.gov.tr/bildirim/tr-24-0808 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: TR-CERT
Published: 2024-06-27T09:27:41.220Z
Updated: 2024-06-27T13:43:49.034Z
Reserved: 2024-01-26T12:45:13.714Z
Link: CVE-2024-0947
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-27T10:15:11.563
Modified: 2024-06-27T12:47:19.847
Link: CVE-2024-0947
JSON object: View
Redhat Information
No data.
CWE