Description
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)
WordPress Plugin Easy Digital Downloads-htaccess Editor Cross-Site Scripting (1.0.0)
WordPress Plugin Feed Statistics Open Redirect (3.0)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)