CVE-2024-6739
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS.
More information: https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf
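
A defender-side check for the condition described above, as an added example that is not from Openfind or the advisory: it parses `Set-Cookie` response header values and lists cookies issued without `HttpOnly`. The cookie names and header values are constructed placeholders, since the real session cookie name is not given on this page.

```python
# Added example: find cookies issued without the HttpOnly attribute.
# All cookie names and header values here are constructed for illustration.

def parse_set_cookie(header):
    """Parse one Set-Cookie header value into (name, attributes dict)."""
    pair, *attr_parts = header.split(";")  # RFC 6265: ';' cannot appear in a value
    name = pair.partition("=")[0].strip()
    attrs = {}
    for part in attr_parts:
        key, _, val = part.partition("=")
        key = key.strip().lower()  # attribute names are case-insensitive
        if key:
            attrs[key] = val.strip()
    return name, attrs


def missing_httponly(set_cookie_headers, names=None):
    """Return names of cookies set without HttpOnly, in header order.

    names: optional set of cookie names to restrict the check to
    (for example the application's session cookie).
    """
    findings = []
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if not name or (names is not None and name not in names):
            continue
        if "httponly" not in attrs and name not in findings:
            findings.append(name)
    return findings


# Constructed response headers; SESSIONID_EXAMPLE is a placeholder name.
SAMPLE_HEADERS = [
    "SESSIONID_EXAMPLE=3f9a1c; Path=/; Secure",  # flag missing
    "csrf_example=ab12; Path=/; Secure; httponly",  # lower-case flag still counts
    "theme=nohttponly; Path=/",  # 'httponly' appears only inside the value
    "lang=en; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT; HttpOnly",
]

if __name__ == "__main__":
    for cookie in missing_httponly(SAMPLE_HEADERS):
        print(f"cookie set without HttpOnly: {cookie}")
```

Parsing attributes rather than searching the header for the substring `httponly` avoids treating a cookie as protected when the word only appears in its value.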