Unrated severityNVD Advisory· Published Mar 26, 2025· Updated Mar 26, 2025
HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability
CVE-2024-30155
Description
HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).
Affected products
2- HCL Software/HCL SXv5Range: 21
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.