GHSA-MWVP-QR62-CVJX nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...

nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...

CVE-2019-25091

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVE-2019-25091

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without 'httponly' flag. It is possible to...

Cross site request forgery (csrf)

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVE-2019-25091 nsupdate.info CSRF Cookie base.py cookie httponly flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVE-2019-25091

nsupdate.info CSRF Cookie Handler (src/nsupdate/settings/base.py) is affected by CVE-2019-25091. The issue arises from manipulating the CSRF_COOKIE_HTTPONLY setting, causing the CSRF/JWT cookie to be set without the HttpOnly flag. This could enable remote manipulation as described in the vulnerab...

PT-2022-8303 · Unknown · Nsupdate.Info

Name of the Vulnerable Software and Affected Versions: nsupdate.info affected versions not specified Description: A problematic vulnerability has been found in nsupdate.info, affecting the component CSRF Cookie Handler in the file src/nsupdate/settings/base.py. The manipulation of the argument CS...

nsupdate.info 安全漏洞

nsupdate.info is a free dynamic DNS service in the nsupdate.info development open source. A security vulnerability exists in nsupdate.info, which stems from a mishandling of the parameter CSRFCOOKIEHTTPONLY that results in a cookie without the "httponly" flag...