Security Advisory

CVE-2019-5640

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-22 16:35:10
Last updated 2024-09-17 00:15:52
Assigner rapid7
State PUBLISHED

Description

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the users session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous user