Mail2000 Vulnerability Allows Bypass of HttpOnly Flag
CVE-2024-6741

5.3MEDIUM

Key Information:

Vendor: Openfind
Status: Mail2000
Vendor: CVE Published:; 15 July 2024

What is CVE-2024-6741?

Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html

https://www.twcert.org.tw/en/cp-139-7941-b66e7-2.html

https://www.openfind.com.tw/taiwan/download/Openfind_OF-I...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2024

JSON

Openfind

What is CVE-2024-6741?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.