First published: Tue Sep 13 2022(Updated: )
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Ikus-soft Rdiffweb | <2.4.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-3174.
The title of this vulnerability is 'Sensitive Cookie in HTTPS Session Without Secure Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2.'
The severity of CVE-2022-3174 is high with a CVSS score of 7.5.
This vulnerability affects Ikus-soft Rdiffweb version up to and excluding 2.4.2.
To fix this vulnerability, upgrade your GitHub repository ikus060/rdiffweb to version 2.4.2 or higher.