exploitDog

GHSA-mh9v-6mm6-9gm4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 3.3

Описание

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.

Ссылки

EPSS

Процентиль: 15%

0.00047

Низкий

3.3 Low

CVSS3

CVE ID

Дефекты

CWE-1004

Связанные уязвимости

CVE-2021-34563

CVSS3: 3.3

nvd

больше 4 лет назад

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.

EPSS

Процентиль: 15%

0.00047

Низкий

3.3 Low

CVSS3

CVE ID

Дефекты

CWE-1004