PT-2022-11290 · Connx · Connx

L00Neyhacker · Published 2022-06-14 · Updated 2022-06-22 · CVE-2021-40649

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Connx version 6.2.0.1269

Description

The issue arises when the application issues a cookie without the HttpOnly flag set. This flag helps keep client-side script from accessing the cookie, which reduces the risk of session hijacking.

Recommendations

For Connx version 6.2.0.1269, consider configuring the application to set the HttpOnly flag on all cookies to prevent potential session hijacking attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2021-40649

Affected Products

Connx