CVE-2018-10692
published 2019-06-07CVE-2018-10692: An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moxa | awk-3121_firmware | — | — |