Skip to main content

Insecurely generated cookies

Description#

The application's cookies are generated without properly setting the HttpOnly, Secure and SameSite attributes. This could enable an attacker to compromise a user's session through XSS, sniffing or CSRF attacks.

Requirements#