Absolute Newsletter Cookie Authentication Bypass Vulnerability

Absolute Newsletter is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.

Attackers can exploit this vulnerability to gain administrative access, which may aid in further attacks.

Absolute Newsletter 6.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus