Description
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
Remediation
References
Related Vulnerabilities
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
WordPress Plugin wp Dreamwork Gallery 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin Login as User or Customer Security Bypass (1.7)
Drupal Other Vulnerability (CVE-2024-11942)
Oracle Application Server Other Vulnerability (CVE-2005-3448)