CVE-2023-3520

Medium

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.

@huntrdev·CWE-614·Published 2023-07-06

CVSS

4.6

EPSS

0.00

KEV

Exploits

cve.orgen

120 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.

NVDen

120 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.

Version	Type	Source	Base	Exp	Impact	Vector
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N