Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
Description
The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag.
Latest vulnerabilities for CWE-1004
Multiple vulnerabilities in Moxa PT-G503 Series
2023-11-06
Medium
Yes
Multiple vulnerabilities in Johnson Controls System Configuration Tool (SCT)
2023-02-10
Low
Yes
Multiple vulnerabilities in InHand Networks InRouter302
2022-05-16
Medium
Yes
Multiple vulnerabilities in GLPI
2021-09-17
Medium
Yes
Multiple vunerabilities in ABB eSOMS
2020-03-13
Medium
Yes
References
Description of CWE-1004 on Mitre website