CVE-2019-8283

Medium

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript…

Kaspersky·CWE-1004·Published 2019-06-07

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

151 chars

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.

NVDen

151 chars

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.

La cookie Hasplm en Gemalto admin Control Center, todas las versiones anteriores a la 7.92, no presenta el flag 'HttpOnly'. Esto permite un JavaScript malicioso para robarlo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N