WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote malicious users to spoof session cookies by leveraging knowledge of this key.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell suse_linux 11 |