CVE-2014-5128
iii Encore Discovery Solution 4.3 - Session Token Exposure in URI
Title source: llmDescription
Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might allow remote attackers to obtain sensitive information via unspecified vectors.
References (4)
Core 4
Core References
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/128013/Encore-Discovery-Solution-4.3-Open-Redirect-Session-Token-In-URL.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533233/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95570
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69431
Scores
EPSS
0.0234
EPSS Percentile
81.6%
Details
CWE
CWE-200
Status
published
Products (1)
iii/encore_discovery_solution
4.3
Published
Aug 29, 2014
Tracked Since
Feb 18, 2026