Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Drupal Other Vulnerability - CVE-2008-3661 - Vulnerability Database
Drupal

Drupal Other Vulnerability - CVE-2008-3661

Medium
Reference: CVE-2008-3661
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-3661
Title: Drupal Other Vulnerability
Overview:

Drupal probably 5.10 and 6.4 does not set the secure flag for the session cookie in an https session which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.