CVE-2020-35591 – Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a n …

18 February 2021

Vuln ID: CVE-2020-35591

Published: 2021-02-18 20:15:12Z

Description: Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user’s account through the active session.

Source: NVD.NIST.GOV

Date:

18 February 2021

Categorie(s):

NVD

Tag(s):

NVD

TensorFlow AI models at risk due to Keras API flaw23 April 2024
Hackers infect users of antivirus service that delivered updates over HTTP23 April 2024
Top 5 Cybersecurity Threats That eCommerce Websites Should Watch Out For23 April 2024
Google ad for Facebook redirects to scam23 April 2024
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #38023 April 2024