781 B
781 B
CVE-2011-2154
Description
login.aspx in the SmarterTools SmarterStats 6.0 web server does not include the HTTPOnly flag in a Set-Cookie header for the loginsettings cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
POC
Reference
Github
No PoCs found on GitHub currently.