CVE-2018-10377

CVE-2018-10377

EPSS 0.9%

PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://releases.portswigger.net/2018/06/1734.html https://hackerone.com/reports/337680 https://integritylabs.io/advisories/cve-2018-10377