RSS   Vulnerabilities for 'Novnc'   RSS

2015-04-10
 
CVE-2013-7436

 

 
noVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

 


Copyright 2019, cxsecurity.com

 

Back to Top