MFScripts YetiShare 3.5.2 up to and including 4.5.3 does not set the SameSite flag on session cookies, allowing the cookie to be sent in cross-site requests and potentially be used in cross-site request forgery attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mfscripts yetishare |