Unrated severityNVD Advisory· Published May 13, 2019· Updated Aug 5, 2024
CVE-2018-12302
CVE-2018-12302
Description
Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.
Affected products
2- Seagate/NAS OSdescription
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.