2 matches found
CVE-2020-4316
IBM Publishing Engine is affected by CVE-2020-4316 due to not setting the secure attribute on authorization tokens and session cookies. Impact: cookies may be exposed when a user visits an http link or a site embedding it, allowing eavesdropping of cookie values. Affected versions: IBM Publishing...
Security Bulletin: Session cookie is missing secure attribute and affects IBM Publishing Engine
Summary There is a vulnerability in the session cookie which misses a secure attribute and affects IBM Publishing Engine Vulnerability Details CVEID: CVE-2020-4316 DESCRIPTION: IBM Publishing Engine does not set the secure attribute on authorization tokens or session cookies. Attackers may be abl...