Описание
HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).
HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).
Связанные уязвимости
CVSS3: 5.5
nvd
11 месяцев назад
HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).