jbruinaud / WebGoatNet

WebGoat .Net for demos

CX HttpOnlyCookies @ Content/ForgotPassword.aspx.cs [master] #161

Open jbruinaud opened 4 years ago

jbruinaud commented 4 years ago

HttpOnlyCookies issue exists @ Content/ForgotPassword.aspx.cs in branch master

The web application's ButtonCheckEmail_Click method creates a cookie, `cookie`, at line 27 of Content\ForgotPassword.aspx.cs, and returns it in the response. However, the application is not configured to automatically set the cookie with the "httpOnly" attribute, and the code does not explicitly add this to the cookie.

Severity: Medium

CWE: 1004

Checkmarx

Lines: 55


Code (Line #55):

                HttpCookie cookie = new HttpCookie("encr_sec_qu_ans");

jbruinaud commented 4 years ago

Issue still exists.

SUMMARY

The issue has a total of 1 vulnerability left to be fixed (please scroll to the top for more information).