RSS   Vulnerabilities for 'Ubercart ajax cart'   RSS

2012-06-26
 
CVE-2012-2731

CWE-200
 

 
The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the PHP session id in the JavaScript settings array in page loads, which might allow remote attackers to obtain sensitive information by sniffing or reading the cache of the HTML of a webpage.

 


Copyright 2024, cxsecurity.com

 

Back to Top