CVE-2006-4763

CVE-2006-4763 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie.

Learn more about our Web App Pen Testing.