Vulnerability: SameSite Attribute Missing in IBM Sterling Connect:Express for UNIX 1.5 Browser UI (IBM X-Force ID: 252055)

CVE-2023-29259 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055.

Learn more about our Web Application Penetration Testing UK.