|
|
MakeBid Auction Deluxe Plaintext Cookie Vulnerability
MakeBid Auction Deluxe is software for hosting real-time auctions on a website. It is written in Perl and will run on most Unix and Linux variants. MakeBid Auction Deluxe stores authentication credentials in plaintext in cookies. BugTraq ID 4069 "MakeBid Auction Deluxe Cross-Site Scripting Vulnerability" describes an issue which allows a remote attacker to steal cookies from legitimate users of the service. In combination with this issue, an attacker is able to access auction accounts of other legitimate users. |
|
Privacy Statement |