CVE-2015-2296

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT

Description

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.

kennethreitz/requests
kennethreitz/requests
A simple, yet elegant HTTP library.
GitHubGitHub
309