CVE-2022-30623 Information

Description

The server checks the user’s cookie in a non-standard way and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password.

Reference

https://www.gov.il/en/Departments/faq/cve_advisories