CVE-2022-38846 – EspoCRM version 7.1.8 is vulnerable to Missing Secure Flag allowing the browser to send pl …

16 September 2022

Vuln ID: CVE-2022-38846

Published: 2022-09-16 14:15:09Z

Description: EspoCRM version 7.1.8 is vulnerable to Missing Secure Flag allowing the browser to send plain text cookies over an insecure channel (HTTP). An attacker may capture the cookie from the insecure channel using MITM attack.

Source: NVD.NIST.GOV

Date:

16 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Data Security – How Safe Is Data In Our Technology Driven World?20 April 2024
Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland… – SWN #37919 April 2024
5.3M World-Check records may be leaked; how to check your records19 April 2024
Sacramento airport goes no-fly after AT&T internet cable snipped19 April 2024
Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain19 April 2024