CVE-2016-5409
CVE-2016-5409
Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →