CVE-2014-5128 Information

Description

Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI which might allow remote attackers to obtain sensitive information via unspecified vectors.

Reference

http://packetstormsecurity.com/files/128013/Encore-Discovery-Solution-4.3-Open-Redirect-Session-Token-In-URL.html http://www.securityfocus.com/archive/1/533233/100/0/threaded http://www.securityfocus.com/bid/69431 https://exchange.xforce.ibmcloud.com/vulnerabilities/95570