Uninett - Mod Auth Mellon CVE

Filtered by vendor Uninett Subscribe

Filtered by product Mod Auth Mellon

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-6807	1 Uninett	1 Mod Auth Mellon	2017-03-15	4.3 MEDIUM	6.1 MEDIUM
mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site.

Vulnerabilities (CVE)