First published: Tue Nov 24 2020(Updated: )
SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Newsscriptphp News Script Php Pro | =2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for SimplePHPscripts News Script PHP Pro 2.3 is CVE-2020-25473.
The severity of CVE-2020-25473 is medium with a CVSS score of 6.5.
SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies.
The affected software for CVE-2020-25473 is SimplePHPscripts News Script PHP Pro 2.3.
To fix the vulnerability in SimplePHPscripts News Script PHP Pro 2.3, you should update to a version that properly sets the HttpOnly Flag from Session Cookies.