CVE-2014-8775
MODX Revolution 2.x before 2.2.15 is vulnerable due to the session cookie not setting the HTTPOnly flag, allowing remote attackers to access potentially sensitive information via script access. Exploitation details are not provided in the available documents. No explicit remediation/version fix i...