CVE-2014-2871
CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Sensitive Information Exposure via Session Sniffing
Title source: llmDescription
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive information by sniffing the network.
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/437385
Scores
EPSS
0.0196
EPSS Percentile
77.9%
Details
CWE
CWE-200
Status
published
Products (4)
paperthin/commonspot_content_server
8.0.0
paperthin/commonspot_content_server
8.0.1
paperthin/commonspot_content_server
8.0.2
paperthin/commonspot_content_server
< 7.0.1
Published
Apr 15, 2014
Tracked Since
Feb 18, 2026