Vulnerabilities > Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

DATE CVE VULNERABILITY TITLE RISK
2024-03-15 CVE-2023-46179 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-614
4.3
4.3
2024-01-09 CVE-2024-0349 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0
A vulnerability was found in SourceCodester Engineers Online Portal 1.0.
network
low complexity
engineers-online-portal-project CWE-614
5.3
5.3
2023-10-31 CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in PHPmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.
network
low complexity
phpmyfaq CWE-614
5.7
5.7
2023-08-31 CVE-2023-4654 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Instantcms
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1.
network
low complexity
instantcms CWE-614
3.5
3.5
2023-07-06 CVE-2023-3520 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in It-Novum Openitcockpit
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.
network
low complexity
it-novum CWE-614
4.6
4.6