5 matches found
CVE-2023-4654
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4654
creationtimestamp| type| source ---|---|--- 2023-08-31 08:56:55+00:00| seen| https://t.me/cibsecurity/69501...
CVE-2023-4654 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms2
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4654
The CVE-2023-4654 issue affects instantsoft/icms2 prior to 2.16.1, where an HTTPS session cookie is marked without the Secure attribute. Multiple sources (NVD entry, Red Hat advisory) corroborate this description. The root cause is the missing Secure flag on a session cookie, enabling potential c...
CVE-2023-4654 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms2
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...