Gemalto Admin Control Center Prior to Version 7.92 Vulnerability: Missing 'HttpOnly' Flag in Hasplm Cookie
CVE-2019-8283 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.
Learn more about our Web Application Penetration Testing UK.