CVE-2024-8644
EUVD-2024-4932127.09.2024, 12:15
Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: before v2.0.0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| oceanicsoft | valeapp | 𝑥 < 2.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-315 - Cleartext Storage of Sensitive Information in a CookieThe application stores sensitive information in cleartext in a cookie.
- CWE-312 - Cleartext Storage of Sensitive InformationThe product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.