Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer Cookie修改漏洞
Vulnerability Description
Microsoft Internet Explorer是美国微软(Microsoft)公司发布的Windows操作系统中默认捆绑的Web浏览器。 Microsoft Internet Explorer不能正确限制建立在HTTPS会话中的cookies的修改。中间人攻击者可借助HTTP响应中的Set-Cookie头覆盖或者删除任意cookies。
CVSS Information
N/A
Vulnerability Type
N/A