Session Hijacking Vulnerability in WebX Bulletin Board

CVE-2001-1532 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions.

Learn more about our User Device Pen Test.