Unrated severityNVD Advisory· Published Dec 30, 2019· Updated Aug 5, 2024
CVE-2019-19736
CVE-2019-19736
Description
MFScripts YetiShare 3.5.2 through 4.5.3 does not set the HttpOnly flag on session cookies, allowing the cookie to be read by script, which can potentially be used by attackers to obtain the cookie via cross-site scripting.
Affected products
2- MFScripts/YetiSharedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- medium.com/%40jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.