← Back to CVE List

CVE-2024-6739

Published: 2024-07-15T04:15Z
Last Modified: 2024-11-21T09:50Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt