Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Cookies Not Marked as Secure - Vulnerability Database

Cookies Not Marked as Secure

Description

One or more cookies does not have the Secure flag set. When a cookie is set with the Secure flag, it instructs the browser that the cookie can only be accessed over secure SSL/TLS channels. This is an important security protection for session cookies.

Remediation

If possible, you should set the Secure flag for these cookies.

References

SameSite None Cookie Not Marked as Secure - Invicti

Related Vulnerabilities

Trace.axd Detected High
Common tags: Configuration
Unrestricted access to Caddy API interface High
Common tags: Configuration
Unrestricted access to Kong Gateway API High
Common tags: Configuration
Joomla J!Dump extension enabled Medium
Common tags: Configuration
Joomla Debug Console enabled Medium
Common tags: Configuration

Severity

Low

Classification

CWE-614
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration