Cookie Not Marked as Secure

  • ubcsecurity

    (@ubcsecurity)


    6 years ago

    Identified Cookie(s) : power_stats_tracking_code

    Vulnerability Details
    [WEB APP SCANNER] identified a cookie not marked as secure, and transmitted over HTTPS.

    This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic, or following a successful man-in-the-middle attack.

    Remedy
    Mark all cookies used within the application as secure.

    ******
    My question is, how and where can I ensure that this particular cookie is set as secure? Or is this hard-baked in to the plugin?

  • The topic ‘Cookie Not Marked as Secure’ is closed to new replies.