CVE-2018-1480
CVE-2018-1480 affects IBM BigFix Platform versions 9.2.0–9.2.14 and 9.5–9.5.9. The root cause is that authorization tokens or session cookies are not marked HttpOnly, which could allow a client-side script to access cookies in the presence of a Cross-Site Scripting vulnerability, enabling potenti...