CVE-2021-40649 Information

Description

In Connx Version 6.2.0.1269 (20210623) a cookie can be issued by the application and not have the HttpOnly flag set.

Reference

http://connx.com https://github.com/l00neyhacker/CVE-2021-40649