Vulnerability Details CVE-2013-3636
ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.2%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html
- http://www.securityfocus.com/bid/60739
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85609
- http://packetstormsecurity.com/files/122341/Project-Pier-0.8.8-XSS-Insecure-Cookies.html
- http://www.securityfocus.com/bid/60739
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85609
Products affected by CVE-2013-3636
-
cpe:2.3:a:projectpier:projectpier:0.8.8