CVE 2023-6144
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- MISC: https://fluidattacks.c...
- MISC: https://github.com/Arm...
© 2004-2023
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
886068b
(Get the code!)