Vendor: Plone
By: SecurityFocus
CVSS: 7.5 (HIGH)
Type: Session-Hijacking
CWE: 384
Product Name: Plone
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

Plone Session-Hijacking Vulnerability

Plone is prone to a session-hijacking vulnerability. An attacker can exploit this issue to hijack user sessions and gain unauthorized access to the affected application.

Mitigation:

Users should be aware of the potential for session hijacking and take steps to protect their accounts. Administrators should ensure that the application is kept up to date with the latest security patches.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/61964/info

Plone is prone to a session-hijacking vulnerability.

An attacker can exploit this issue to hijack user sessions and gain unauthorized access to the affected application.

Note: This issue was previously discussed in the BID 61544 (Plone Multiple Remote Security Vulnerabilities), but has been moved to its own record to better document it. 

https://www.example.com/acl_users/credentials_cookie_auth/require_login?next=+https%3A//www.csnc.ch