VYPR
Unrated severityNVD Advisory· Published Mar 26, 2025· Updated Mar 26, 2025

HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability

CVE-2024-30155

Description

HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.