CVE-2008-4122

Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Configurations

Configuration 1

cpe:2.3:a:joomla:joomla:1.5.8:*:*:*:*:*:*:*

Information

Published : 2008-12-19 05:30

Updated : 2018-10-11 08:51


NVD link : CVE-2008-4122

Mitre link : CVE-2008-4122

Products Affected
No products.
CWE
CWE-319

Cleartext Transmission of Sensitive Information