VYPR
Unrated severityNVD Advisory· Published Dec 31, 2023· Updated Apr 17, 2025

CVE-2021-46900

CVE-2021-46900

Description

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sympa/Sympacpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <6.2.62

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.