Home / os / winnt

iDS6 DSSPro Digital Signage System 6.2 Password Disclosure

Posted on 05 November 2020

iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

 

TOP

Malware :

Exploits :