Lucene search
K

194 matches found

OSV
OSV
added 2022/12/30 12:15 p.m.4 views

DEBIAN-CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5CVSS3.8AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2022/12/30 12:15 p.m.20 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5CVSS0.00515EPSS
Exploits0References4
OSV
OSV
added 2022/12/30 12:15 p.m.10 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5CVSS7.5AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/12/30 12:15 p.m.21 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5CVSS5.5AI score0.00515EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/30 11:47 a.m.32 views

CVE-2018-25060 Macaron csrf csrf.go missing secure attribute

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

3.7CVSS7.5AI score0.00515EPSS
Exploits0References4
CVE
CVE
added 2022/12/30 11:47 a.m.94 views

CVE-2018-25060

CVE-2018-25060 affects the Macaron csrf component (go-macaron/csrf) via the csrf.go Generate path. Affects cookies created by Generate: the Secure attribute is not applied, allowing cookies to be sent over non-SSL connections. The vulnerability can be exploited remotely; the attack complexity is ...

7.5CVSS5.6AI score0.00515EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2022/12/30 11:47 a.m.47 views

CVE-2018-25060

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...

7.5CVSS4.4AI score0.00515EPSS
Exploits0
CNNVD
CNNVD
added 2022/12/30 12:0 a.m.5 views

Macaron csrf 安全漏洞

Macaron csrf is a Macaron open source middleware for generating and verifying csrf tokens for Macaron. Macaron csrf has a security vulnerability that stems from a misuse of the parameter Generate that results in a sensitive cookie without security attributes...

7.5CVSS5.5AI score0.00515EPSS
Exploits0References5
OSV
OSV
added 2022/12/28 12:30 a.m.14 views

GHSA-MWVP-QR62-CVJX nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...

5.3CVSS5.3AI score0.00612EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/12/28 12:30 a.m.25 views

nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...

5.3CVSS1.9AI score0.00612EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2022/12/23 12:15 p.m.16 views

Session fixation

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4CVSS6.5AI score0.00376EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/23 12:0 a.m.9 views

CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4.3CVSS6.5AI score0.00376EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/12/23 12:0 a.m.42 views

CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...

4.3CVSS6.7AI score0.00376EPSS
Exploits1References2
NVD
NVD
added 2022/12/21 6:15 p.m.36 views

CVE-2022-4630

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...

5.3CVSS0.00629EPSS
Exploits1References2
Prion
Prion
added 2022/12/21 6:15 p.m.19 views

Code injection

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...

5CVSS5.3AI score0.00629EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/21 12:0 a.m.5 views

CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...

5.3CVSS5.3AI score0.00629EPSS
Exploits1References2
OSV
OSV
added 2022/12/21 12:0 a.m.28 views

CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...

5.3CVSS5.4AI score0.00629EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/12/21 12:0 a.m.38 views

CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...

5.3CVSS5.6AI score0.00629EPSS
Exploits1References2
CVE
CVE
added 2022/12/21 12:0 a.m.71 views

CVE-2022-4630

CVE-2022-4630 affects daloradius (GitHub repository lirantal/daloradius) with a missing HttpOnly flag on sensitive cookies prior to the master branch. Root cause: session cookie (PHPSESSID) transmitted without HttpOnly protection, enabling potential access to sensitive data. Documented impact ind...

5.3CVSS5.3AI score0.00629EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/12/11 3:30 p.m.25 views

GHSA-WPGC-5CR5-H9GG phpMyFAQ has insecure HTTP cookies

phpMyFAQ is contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in versions prior to 3.1.9...

7.5CVSS6.6AI score0.00422EPSS
Exploits1References5
Rows per page
Query Builder