Search Vulnerability


Vulnerability Name | Classifications | Severity
Session Cookie Not Marked as Secure | PCI v3.2-, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3 | High
Cookie Not Marked as HttpOnly | CAPEC-107, CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Low
Cookie Not Marked as Secure | PCI v3.2-, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3 | Low
Cookie Values Used in Anti-CSRF Token | CWE-352, HIPAA-352, ISO27001-A.14.1.2, OWASP 2013-A5, OWASP 2017-A6 | Low
User Controllable Cookie | CWE-20, ISO27001-A.14.2.5, WASC-20 | Low
SameSite Cookie Not Implemented | CWE-16, ISO27001-A.14.2.5, WASC-15 | Best Practice
Out-of-date Version (JavaScript Cookie) | PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 | Information