Vulnerabilities

CVE-2024-30155

by Fred · 26/03/2025

HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).

More information : https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120110

Similar

Tags: Cybersecurity Alert