CVE-2020-25473 — SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag... | CVE Daily

Medium CVSS 6.5

Overview

SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.

CWE: N/A Published: 2020-11-24T15:15:12.670

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.5 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Recommended tools

Tags