Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Manyfold vulnerable to session hijack via cookie leakage in proxy caches
Vulnerability Description
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cookie leakage in proxy caches. Version 0.133.0 fixes the issue.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Manyfold 代码问题漏洞
Vulnerability Description
Manyfold是Manyfold开源的一个自托管网络应用。 Manyfold 0.133.0之前版本存在代码问题漏洞,该漏洞源于代理缓存中的Cookie泄露,可能导致会话劫持。
CVSS Information
N/A
Vulnerability Type
N/A