CVE-2021-3509

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The...

CVE-2021-3509

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The...

CVE-2021-3509

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The...

CVE-2021-3509

Affects Red Hat Ceph Storage 4 dashboard (ceph-dashboard). The root cause is storage of the JWT for user authentication in the browser (localStorage), which exposes tokens to XSS risks. This is described in connected advisories for Ceph-derived distributions (Astral/Linux security bulletins and M...

CVE-2021-3509

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The...

Ruby: CGI::Cookieクラスにおけるセキュリティ上好ましくない仕様および実装

以下のCGIスクリプトについて、name、path、domainに改行、等号、改行のインジェクションが可能 !/usr/bin/env ruby require "cgi" cgi = CGI.new name = "name" path = "/" domain = "example.jp" cookie = CGI::Cookie.new'name' = name, 'value' = "value", 'domain' = domain, 'path' = path cgi.out"cookie" = cookie...

CVE-2021-3509

A flaw was found in the Red Hat Ceph Storage Dashboard. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS. The greatest threa...

BTCPay Server Cross-Site Scripting Vulnerability

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server 1.0.7.0 and earlier versions. The vulnerability stems from a failure to set the HTTPOnly flag for cookies. An...

CVE-2021-29247

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie...

CVE-2021-29247

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie...

Information disclosure

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie...

CVE-2021-29247

BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie...

BTCPay Server 信息泄露漏洞

BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server 1.0.7.0 and earlier versions. The vulnerability stems from a failure to set the HTTPOnly flag for cookies. An...

How to Force Secure and HttpOnly Cookie Options for Websites Using NetScaler Appliance

The web administrators may forceSecure and/orHttpOnly flags on the Session ID and the authentication cookies that are generated by the web applications. Modifying Set-Cookie headers to include these two options can be done using an http Load Balancing Virtual Server and Rewrite Policies on a...

Cross-Site Request Forgery (CSRF)

Overview Affected versions of the fastify-csrf package are vulnerable to Cross-site Request Forgery CSRF. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: path: '/', sameSite: true . Also, the CSRF token was available in the GET query parameter...

Cross-site Request Forgery in fastify-csrf

The package fastify-csrf before 3.0.0 has a set of issues that affect its ability to do CSRF protection. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: path: '/', sameSite: true 2. The CSRF token was available in the GET query parameter...

CVE-2020-28482

This affects the package fastify-csrf before 3.0.0. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: path: '/', sameSite: true 2. The CSRF token was available in the GET query parameter...

Cross site request forgery (csrf)

This affects the package fastify-csrf before 3.0.0. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: path: '/', sameSite: true 2. The CSRF token was available in the GET query parameter...

CVE-2020-28482 Cross-site Request Forgery (CSRF)

This affects the package fastify-csrf before 3.0.0. 1. The generated cookie used insecure defaults, and did not have the httpOnly flag on: cookieOpts: path: '/', sameSite: true 2. The CSRF token was available in the GET query parameter...

Fastify Fastify-csrf Cross-Site Request Forgery Vulnerability

Fastify Fastify-csrf is a Javascript-based plugin that provides CSRF protection for Fastify in the Fastify community. A security vulnerability exists in fastify-csrf before 3.0.0 due to an insecure default value being used in the generated cookie, no httpOnly, and CSRF tokens being available in t...