2 matches found
CVE-2023-41908
Cerebrate (pre-1.15) has a vulnerability where the session cookie lacks the Secure attribute, enabling potential cookie interception over insecure channels. The issue affects Cerebrate versions prior to 1.15. The documented remediation is to upgrade to 1.15 or later, which ensures the session coo...
CVE-2023-41908
Cerebrate before 1.15 lacks the Secure attribute for the session cookie...