4 matches found
CVE-2022-4409
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9...
CVE-2022-4409 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9...
CVE-2022-4409 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9...
CVE-2022-4409
CVE-2022-4409 affects the PHPMyFAQ project (thorsten/phpmyfaq), where in versions prior to 3.1.9 a sensitive cookie used in HTTPS sessions is set without the Secure attribute. This can expose session data over non-secure channels. The public records consistently identify the issue as a cookie sec...