Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell data synchronizer 1.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2224
The Mobility Pack prior to 1.2 in Novell Data Synchronizer 1.x up to and including 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks via unspecified vectors.