Sensitive Cookie Without 'HttpOnly' Flag vulnerability in... · CVE-2023-2876 · GitHub Advisory Database · GitHub

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in...

Moderate severity Unreviewed Published Jun 13, 2023 to the GitHub Advisory Database • Updated Apr 4, 2024

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.

References

Published by the National Vulnerability Database

Jun 13, 2023

Published to the GitHub Advisory Database Jun 13, 2023

Last updated Apr 4, 2024