CVE-2002-0097

High

7.5/10

Summary

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Mar 25, 2002

CVE-2002-0097

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS