Search

Contact Us

Log in

Vulnerabilities / Session Token in URL

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

Severity
medium
CWE NameSession Token in URL
CWE IDCWE-200
CWE Score5.9
Compliance
OWASP TOP10 -> A2, A7
PCI-DSS -> 6.5.10
ISO 27001 -> A.8.2, A.8.3
HIPAA -> 164.306(a)
CVSS3.0
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
Confidentiality ImpactHigh
Integrity ImpactLow
Availability ImpactNone
Session Token in URL