RSS   Vulnerabilities for 'Appspider'   RSS

2020-01-22
 
CVE-2019-5647

CWE-613
 

 
The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser. This behavior could make future session hijacking attempts easier, since the user could believe a session was closed when it was not. This issue affects Rapid7 AppSpider version 3.8.213 and prior versions, and is fixed in version 3.8.215.

 

 >>> Vendor: Rapid7 9 Products
Nexpose
Appspider pro
Metasploit
Insight collector
Komand
Insightvm
Insight agent
Insightappsec
Appspider


Copyright 2020, cxsecurity.com

 

Back to Top