Home » CVE Vulnerabilities » CVE-2017-6807

CVE-2017-6807 mod_auth_mellon before 0.13.1 is vulnerable to

CVE ID: CVE-2017-6807
Vendors: Uninett
Date: March 13, 2017

Severity: Medium
Impact score: 2.90
Exploit score: 8.60

mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site.

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Users login

JOIN XATRIX

CVE-2017-6807 mod_auth_mellon before 0.13.1 is vulnerable to

Industry news

Latest advisories

From the forum

Newsletter signup

Free E-books

Contact