What the vulnerability does

01Description

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.

Key dates

02Disclosure timeline

June 7, 2019 CVE published
August 4, 2024 Record updated