CVE-2003-1560Sensitive Information Exposure in Navigator

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 51.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netscape Navigator
Timeline
PublishedDec 31
Latest updateApr 29

Description

Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fpmp-28qw-xm8r: Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive2022-04-29
CVEList
CVE-2003-1560: Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive2008-07-14
CVE-2003-1560 — Sensitive Information Exposure | cvebase