Vulnerabilities > CVE-2023-6144 - Unspecified vulnerability in Armanidrisi DEV Blog 1.0
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |