thorsten/phpmyfaq is vulnerable to information disclosure.The vulnerability exists in the setCookie
function of session.php
due to insecure HTTP cookies without the ‘secure’ attribute which allows an attacker to gain access to sensitive information.