Planet eStream before 6.72.10.07 discloses sensitive...
Moderate severity
Unreviewed
Published
Dec 25, 2022
to the GitHub Advisory Database
•
Updated Apr 14, 2025
Description
Published by the National Vulnerability Database
Dec 25, 2022
Published to the GitHub Advisory Database
Dec 25, 2022
Last updated
Apr 14, 2025
Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).
References