CVE-2022-2888

Publication date

2022-09-21 11:25:08

Family

@huntrdev

State

PUBLISHED

Description

If an attacker comes into the possession of a victims OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victims account exists.