CVE-2014-5128

iii Encore Discovery Solution 4.3 - Session Token Exposure in URI

Title source: llm
STIX 2.1

Description

Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might allow remote attackers to obtain sensitive information via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533233/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95570
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69431

Scores

EPSS 0.0234
EPSS Percentile 81.6%

Details

CWE
CWE-200
Status published
Products (1)
iii/encore_discovery_solution 4.3
Published Aug 29, 2014
Tracked Since Feb 18, 2026