
386 matches found

OSV
added 2022/12/30 12:15 p.m. · 8 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5 CVSS · 7.5 AI score
Exploits: 0 · References: 4

UbuntuCve
added 2022/12/30 12:15 p.m. · 20 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5 CVSS · 5.5 AI score · 0.00515 EPSS
Exploits: 0 · References: 2

Cvelist
added 2022/12/30 11:47 a.m. · 29 views

CVE-2018-25060 Macaron csrf csrf.go missing secure attribute

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

3.7 CVSS · 7.5 AI score · 0.00515 EPSS
Exploits: 0 · References: 4

CVE
added 2022/12/30 11:47 a.m. · 91 views

CVE-2018-25060

CVE-2018-25060 affects the Macaron csrf component (go-macaron/csrf) via the csrf.go Generate path. Affects cookies created by Generate: the Secure attribute is not applied, allowing cookies to be sent over non-SSL connections. The vulnerability can be exploited remotely; the attack complexity is ...

7.5 CVSS · 5.6 AI score · 0.00515 EPSS
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2022/12/30 12:0 a.m. · 2 views

PT-2022-8070 · Unknown +1 · Macaron Csrf +1

Name of the Vulnerable Software and Affected Versions: Macaron csrf (affected versions not specified)
Description: A vulnerability was found in Macaron csrf, classified as problematic. It affects some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to...

7.5 CVSS · 4.5 AI score · 0.00515 EPSS
Exploits: 0 · References: 19

Prion
added 2022/12/23 12:15 p.m. · 14 views

Session fixation

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4 CVSS · 6.5 AI score · 0.00376 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

Positive Technologies
added 2022/12/23 12:0 a.m. · 1 views

PT-2022-27987 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.0
Description: The issue is related to a sensitive cookie in an HTTPS session without the 'Secure' attribute. This affects an open-source, self-hosted memo hub with knowledge management and socialization...

6.5 CVSS · 4.7 AI score · 0.00376 EPSS
Exploits: 1 · References: 11

Cvelist
added 2022/12/23 12:0 a.m. · 41 views

CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4.3 CVSS · 6.7 AI score · 0.00376 EPSS
Exploits: 1 · References: 2

Vulnrichment
added 2022/12/23 12:0 a.m. · 9 views

CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4.3 CVSS · 6.5 AI score · 0.00376 EPSS
Exploits: 1 · References: 2

CVE
added 2022/12/23 12:0 a.m. · 54 views

CVE-2022-4683

CVE-2022-4683 affects usememos/memos prior to 0.9.0. The vulnerability is a missing Secure attribute on cookies in HTTPS sessions, enabling potential cookie exposure and session hijacking. Exploitation details are not provided in the supplied documents. Remediation: upgrade to version 0.9.0 or la...

6.5 CVSS · 5.3 AI score · 0.00376 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

Veracode
added 2022/12/13 2:45 a.m. · 19 views

Information Disclosure

thorsten/phpmyfaq is vulnerable to information disclosure. The vulnerability exists in the setCookie function of session.php due to insecure HTTP cookies without the 'secure' attribute, which allows an attacker to gain access to sensitive information...

7.5 CVSS · 7.3 AI score · 0.00422 EPSS
Exploits: 1 · References: 5 · Affected Software: 2

OSV
added 2022/12/11 3:30 p.m. · 24 views

GHSA-WPGC-5CR5-H9GG phpMyFAQ has insecure HTTP cookies

phpMyFAQ contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in versions prior to 3.1.9...

7.5 CVSS · 6.6 AI score · 0.00422 EPSS
Exploits: 1 · References: 5

Github Security Blog
added 2022/12/11 3:30 p.m. · 22 views

phpMyFAQ has insecure HTTP cookies

phpMyFAQ contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in versions prior to 3.1.9...

7.5 CVSS · 7.3 AI score · 0.00422 EPSS
Exploits: 1 · References: 5 · Affected Software: 1

Vulnrichment
added 2022/12/11 12:0 a.m. · 5 views

CVE-2022-4409 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9...

6.3 CVSS · 7.6 AI score · 0.00422 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2022/12/11 12:0 a.m. · 2 views

PT-2022-27107 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.1.9
Description: The issue concerns a sensitive cookie in an HTTPS session that lacks the 'Secure' attribute. This problem affects the GitHub repository thorsten/phpmyfaq. There is no information provided about th...

7.5 CVSS · 6.3 AI score · 0.00422 EPSS
Exploits: 1 · References: 11

CVE
added 2022/12/11 12:0 a.m. · 90 views

CVE-2022-4409

CVE-2022-4409 affects the PHPMyFAQ project (thorsten/phpmyfaq), where in versions prior to 3.1.9 a sensitive cookie used in HTTPS sessions is set without the Secure attribute. This can expose session data over non-secure channels. The public records consistently identify the issue as a cookie sec...

7.5 CVSS · 6.7 AI score · 0.00422 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2022/11/14 6:15 p.m. · 4 views

CVE-2022-34313

IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can...

3.1 CVSS · 5.6 AI score · 0.006 EPSS
Exploits: 0 · References: 3

NVD
added 2022/11/14 6:15 p.m. · 23 views

CVE-2022-34313

IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can...

4.3 CVSS · 0.006 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2022/11/14 12:0 a.m. · 3 views

PT-2022-22122 · Ibm · Ibm Cics Tx

Name of the Vulnerable Software and Affected Versions: IBM CICS TX version 11.1
Description: The issue concerns the failure to set the secure attribute on authorization tokens or session cookies. Attackers can exploit this by sending a http:// link to a user or by planting this link in a site the...

4.3 CVSS · 3.5 AI score · 0.006 EPSS
Exploits: 0 · References: 6

IBM Security Bulletins
added 2022/09/26 3:29 a.m. · 23 views

Security Bulletin: IBM Sterling Secure Proxy’s session or sensitive cookies do not have the secure attribute enabled (CVE-2013-0515)

Abstract: IBM Sterling Secure Proxy’s session or sensitive cookies do not always have the secure attribute enabled. As a result, customers who use HTTP could be vulnerable to cookie hijacking attacks.
Content: VULNERABILITY DETAILS
CVE ID: CVE-2013-0515
DESCRIPTION: Set Secure Attribute in SSL Cook...

5.3 CVSS · 5.2 AI score · 0.05044 EPSS
Exploits: 1 · Affected Software: 1