AlayaCare's Procura Portal 9.0.1.2 Vulnerability: Authentication Cookie Forgery
CVE-2023-6451 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.
Learn more about our Web Application Penetration Testing UK.