Users login

Create an account »

JOIN XATRIX

Users login

Home » CVE Vulnerabilities » CVE-2017-6807

CVE-2017-6807 mod_auth_mellon before 0.13.1 is vulnerable to

  • CVE ID: CVE-2017-6807
  • Vendors: Uninett
  • Date: March 13, 2017
  • Severity: Medium
  • Impact score: 2.90
  • Exploit score: 8.60

mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »