194 matches found
DEBIAN-CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060 Macaron csrf csrf.go missing secure attribute
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
CVE-2018-25060 affects the Macaron csrf component (go-macaron/csrf) via the csrf.go Generate path. Affects cookies created by Generate: the Secure attribute is not applied, allowing cookies to be sent over non-SSL connections. The vulnerability can be exploited remotely; the attack complexity is ...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
Macaron csrf 安全漏洞
Macaron csrf is a Macaron open source middleware for generating and verifying csrf tokens for Macaron. Macaron csrf has a security vulnerability that stems from a misuse of the parameter Generate that results in a sensitive cookie without security attributes...
GHSA-MWVP-QR62-CVJX nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag
A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...
nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag
A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without httponly flag. It is possible to...
Session fixation
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in usememos/memos
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4630
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
Code injection
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630
CVE-2022-4630 affects daloradius (GitHub repository lirantal/daloradius) with a missing HttpOnly flag on sensitive cookies prior to the master branch. Root cause: session cookie (PHPSESSID) transmitted without HttpOnly protection, enabling potential access to sensitive data. Documented impact ind...
GHSA-WPGC-5CR5-H9GG phpMyFAQ has insecure HTTP cookies
phpMyFAQ is contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in versions prior to 3.1.9...