2021-08-31 10:32:58
CERTVDE
PUBLISHED
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookies value to be read or set by client-side JavaScript.