logo

Database

Insecurely generated cookies In thorsten/phpmyfaq

Description

Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-58662. NVD-2023-58663. OSV-2023-58664. GCVE-2023-5866

References

1. https://github.com/thorsten/phpmyfaq/commit/fdacff14acd5e69841068f0e32b59e2d1b1d0d552. https://huntr.com/bounties/ec44bcba-ae7f-497a-851e-8165ecf56945

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.