VYPR
Medium severity6.1NVD Advisory· Published Jun 7, 2019· Updated Jun 17, 2026

CVE-2018-10692

CVE-2018-10692

Description

An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.