An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2011-1299.html
The issue has been addressed in Spacewalk master by
commit a779c73eab6a65f38a03d8fb27b06cc1f71842fc
713477 - made session cookies httponly
Fixed package: spacewalk-config-1.6.2-1