CVE-2002-0933

High

7.5/10

Summary

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Oct 04, 2002

CVE-2002-0933

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS