IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2020-11-30T15:30:29.267906Z

Updated: 2024-09-16T23:56:03.081Z

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-4625

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-11-30T16:15:12.543

Modified: 2024-11-21T05:33:00.527

Link: CVE-2020-4625

cve-icon Redhat

No data.