Search Vulnerability


| Vulnerability Name | Classifications | Severity |
| --- | --- | --- |
| Session Cookie Not Marked as Secure | PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 | High |
| Cookie Not Marked as HttpOnly | CAPEC-107; CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 | Low |
| Cookie Not Marked as Secure | PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 | Low |
| Cookie Values Used in Anti-CSRF Token | CWE-352; HIPAA-164.306(a); ISO27001-A.14.1.2; OWASP 2013-A5; OWASP 2017-A6 | Low |
| User Controllable Cookie | CWE-20; ISO27001-A.14.2.5; WASC-20 | Low |
| SameSite Cookie Not Implemented | CWE-16; ISO27001-A.14.2.5; WASC-15 | Best Practice |
| Out-of-date Version (JavaScript Cookie) | PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 | Information |