GlobalSCAPE Knowledge Base

The server issued one or more cookies that did not have the HttpOnly flag set

What sort of DOM XSS (client XSS) mitigation techniques does EFT use?