Antony Lesuisse : Security Vulnerabilities, CVEs,
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exhaustion) via a brute-force attack.
Max CVSS
6.8
EPSS Score
2.80%
Published
2009-05-14
Updated
2018-10-10
1 vulnerabilities found