Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies via a direct /session/list/allActiveSession request. For example, the attacker can discover the admin's cookie if the admin account happens to be logged in when the allActiveSession request occurs, and can then use that cookie immediately for admin access,
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Session 信息泄露漏洞
Vulnerability Description
Session是Oxen开源的一种新型的加密私人信使。 Netsia SEBA+ 版本 0.16.1 build 70-e669dcd7 存在信息泄露漏洞,攻击者可利用该漏洞通过直接会话列表allActiveSession请求发现会话cookie。
CVSS Information
N/A
Vulnerability Type
N/A