Primary

Context

SICK Incoming Goods Suite Authentication Token Exposure Vulnerability

Vulnerability

A vulnerability exists in SICK Incoming Goods Suite that allows authentication tokens to be transmitted via the URL as query string parameters. This exposure can lead to token theft through server logs, proxy logs, and Referer headers, potentially allowing attackers to hijack user sessions and gain unauthorized access. This issue affects all versions of the SICK Incoming Goods Suite.

Impact

Exploitation of this vulnerability could result in unauthorized access to user accounts by hijacking active sessions.

Remediation

Users are strongly recommended to upgrade to the latest release of SICK Incoming Goods Suite (version 1.2.1 or higher).

Added: Jan 15, 2026, 3:01 PM

Updated: Jan 15, 2026, 3:01 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

5.8

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

5.8

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SICK Incoming Goods Suite Authentication Token Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating