Vulnerabilities

CVE-2016-2304

by Fred · 21/04/2016

Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Date published : 2016-04-21

https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03

Similar

Tags: Cybersecurity Alert