VYPR

IntruShield Network Security Manager

by McAfee

CVEs (1)

  • CVE-2009-3566Nov 13, 2009
    risk 0.03cvss epss 0.04

    McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting (XSS) vulnerability.