Vulnerabilities

CVE-2024-6741

by Fred · 15/07/2024

Openfind’s Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled.

More information : https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf

Similar

Tags: Cybersecurity Alert