VYPR
Unrated severityNVD Advisory· Published Jul 15, 2024· Updated Aug 1, 2024

Openfind MailGates and MailAudit - Sensitive Cookie Without 'HttpOnly' Flag

CVE-2024-6739

Description

The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.