N/A

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

N/A

N/A

DDSN Interactive cm3 Acora CMS 远程信息泄露漏洞

DDSN Interactive cm3 Acora CMS是澳大利亚DDSN Interactive公司的一套内容管理系统和内容管理框架（CMS/CMF），它支持电子邮件、电子商务等模块。 DDSN Interactive cm3 Acora CMS中存在安全漏洞，该漏洞源于程序没有对https会话中的cookie设置安全标志。远程攻击者可通过访问cookie利用该漏洞获取敏感信息。以下版本受到影响：DDSN Interactive cm3 Acora CMS 6.0.6/1a，6.0.2/1a，5.5

N/A

N/A