Описание
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script.
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script.
Связанные уязвимости
CVSS3: 7.5
nvd
больше 6 лет назад
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script.
CVSS3: 7.5
debian
больше 6 лет назад
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnl ...