cve/CVE-2019-19739.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667 - cve - 临风笛

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

654 B

Raw Blame History

CVE-2019-19739

Description

MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag on session cookies, allowing the cookie to be sent over cleartext channels.

POC

Reference

https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459

Github

No PoCs found on GitHub currently.