Code injection

1Panel is an open source Linux server operation and maintenance management panel. The HTTPS cookie that comes with the panel does not have the Secure keyword, which may cause the cookie to be sent in plain text if accessed using HTTP. This issue has been patched in version 1.9.6...

New vulnerability: the use of a browser Cookie to bypass HTTPS and steal private information-bug warning-the black bar safety net

! Recently, a presence in the major browsers Web cookies in a serious vulnerability is found, it enables secure browsing mode HTTPS is vulnerable to MiTM attacks. In addition, most of the Web sites and popular open source applications may contain Cookie injection vulnerabilities, including: Googl...