CVE-2021-40649

CVE-2021-40649CVE-2021-40649

softwareag / connx

Description

In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set.

Scoring

CVSS 6.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Last modified2026-07-05
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.