Packet Storm

exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Micro Focus GroupWise Session ID Disclosure: Posted Jan 27, 2023; Authored by Stefan Pietsch | Site trovent.io; Micro Focus GroupWise is a messaging software for email and personal information management. Trovent Security GmbH discovered that the GroupWise web application transmits the session ID in HTTP GET requests in the URL when email content is accessed. The exposed session ID can be recorded in the browser history of the client and in log files of the web server or reverse proxy server. A possible attacker with access to the browser history or the server log files is able to take control of the user session with the help of the session ID. Versions prior to 18.4.2 are affected.; tags | exploit, web; advisories | CVE-2022-38756; SHA-256 | 45d877f2bc8d1d68f308fad7fe918c90f982d284964eee41b93805a3c6fb1ad2; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 136 files
Jay Turla 111 files
Ubuntu 63 files
Gentoo 33 files
Debian 27 files
sinn3r 23 files
h00die 23 files
Pedro Ribeiro 21 files
juan vazquez 18 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (377)
CentOS (58)
Cisco (1,944)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (386)
iPhone (108)
IRIX (220)
Juniper (70)
Linux (50,966)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,661)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,788)
UNIX (9,443)
UnixWare (187)
Windows (6,732)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec