Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cookie missing HttpOnly flag
Vulnerability Description
The HttpOnlyflag of the session cookie \"@@\" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
没有’HttpOnly’标志的敏感Cookie
Vulnerability Title
SICK Field Analytics和SICK Media Server 安全漏洞
Vulnerability Description
SICK Field Analytics和SICK Media Server都是德国SICK公司的产品。SICK Field Analytics是一款用于评估制造数据的软件。SICK Media Server是一款媒体服务器。 SICK Field Analytics 和SICK Media Server存在安全漏洞,该漏洞源于会话cookie未启用HttpOnly标志,可能导致跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A