Bitrix: >> Bitrix E-Store Module Security Vulnerabilities
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack.
CVSS Score
7.5
EPSS Score
0.004
Published
2014-05-30