Security Advisory

CVE-2025-49189

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-12 14:03:39

Last updated 2025-06-13 06:24:54

Assigner SICK AG

State PUBLISHED

Description

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies.

← Browse all CVEs View on cve.org ↗