CVE-2020-25473
CVE-2020-25473 affects SimplePHPscripts News Script PHP Pro 2.3. The root cause is that HttpOnly is not set on session cookies, potentially exposing session data to client-side access. The NVD notes a network attack vector with low complexity and no authentication required, leading to partial con...