CVE-2014-2871

CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Sensitive Information Exposure via Session Sniffing

Title source: llm
STIX 2.1

Description

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive information by sniffing the network.

References (1)

Core 1
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/437385

Scores

EPSS 0.0196
EPSS Percentile 77.9%

Details

CWE
CWE-200
Status published
Products (4)
paperthin/commonspot_content_server 8.0.0
paperthin/commonspot_content_server 8.0.1
paperthin/commonspot_content_server 8.0.2
paperthin/commonspot_content_server < 7.0.1
Published Apr 15, 2014
Tracked Since Feb 18, 2026