CVE-2021-26589
This CVE concerns HPE Superdome Flex Servers where a Cross Site Scripting (XSS) vulnerability arises because the Session Cookie lacks the HttpOnly attribute. Public sources (NVD entry) describe remote exploitation potential and provide a firmware update from HPE as the remediation. The NVD CVSS v...