Session Hijacking Vulnerability in PaperThin CommonSpot

Session Hijacking Vulnerability in PaperThin CommonSpot

CVE-2014-2871 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive information by sniffing the network.

Learn more about our Network Penetration Testing.