ajaxterm.js in AjaxTerm 0.10 and previous versions generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote malicious users to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
antony lesuisse ajaxterm |
||
antony lesuisse ajaxterm 0.7 |
||
antony lesuisse ajaxterm 0.6 |
||
antony lesuisse ajaxterm 0.8 |
||
antony lesuisse ajaxterm 0.9 |