CVE-2009-3566 in IntruShield Network Security Manager
摘要
由 VulDB • 2026-06-27
McAfee IntruShield Network Security Manager (NSM) 5.1.11.8.1 之前的版本未在会话标识符的 Set-Cookie 头中包含 HTTPOnly 标志,这使得远程攻击者能够利用跨站脚本(XSS)漏洞劫持会话。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.