Gemalto Admin Control Center Prior to Version 7.92 Vulnerability: Missing 'HttpOnly' Flag in Hasplm Cookie

Gemalto Admin Control Center Prior to Version 7.92 Vulnerability: Missing 'HttpOnly' Flag in Hasplm Cookie

CVE-2019-8283 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.

Learn more about our Web Application Penetration Testing UK.