VYPR
Unrated severityNVD Advisory· Published May 13, 2019· Updated Aug 5, 2024

CVE-2018-12302

CVE-2018-12302

Description

Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.