CVE-2009-3566
The CVE-2009-3566 issue affects McAfee IntruShield Network Security Manager (NSM) prior to 5.1.11.8.1, where the session ID cookie is issued without the HttpOnly flag, enabling an XSS-based theft of the session cookie and potential remote session hijacking. Source material indicates the vulnerabi...