Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-5866

Date: October 30, 2023

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.

Language: PHP

Severity Score

Related Resources (5)

https://nvd.nist.gov/vuln/detail/CVE-2023-5866
https://huntr.com/bounties/ec44bcba-ae7f-497a-851e-8165ecf56945
https://github.com/thorsten/phpmyfaq/commit/fdacff14acd5e69841068f0e32b59e2d1b1d0d55
https://github.com/thorsten/phpMyFAQ
https://www.mend.io/vulnerability-database/CVE-2023-5866

Severity Score

Weakness Type (CWE)

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

CWE-614

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us