2020-12-10 08:06:50
mitre
PUBLISHED
In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a users cookie values and the predefined developers cookie value.