Richardo Ante » Ubercart Ajax Cart : Security Vulnerabilities, CVEs, Published In 2012 (Information Leak)
The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the PHP session id in the JavaScript settings array in page loads, which might allow remote attackers to obtain sensitive information by sniffing or reading the cache of the HTML of a webpage.
Max CVSS
2.6
EPSS Score
0.56%
Published
2012-06-27
Updated
2017-08-29
1 vulnerabilities found