← Retour aux CVEs
CVE-2008-2558
N/ADescription
CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP.
Details CVE
Score CVSS v3.1N/A
Publie6/5/2008
Derniere modification4/9/2025
Sourcenvd
Observations honeypot0
Produits affectes
cre_loaded:cre_loaded
Faiblesses (CWE)
CWE-310
References
http://oscommerceuniversity.com/lounge/index.php?topic=255.0(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42889(cve@mitre.org)
http://oscommerceuniversity.com/lounge/index.php?topic=255.0(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42889(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.