Описание
usememos/memos missing Secure cookie attribute
usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Memos prior to 0.9.0 is missing the Secure cookie attribute, making it vulnerable to session hijacking.
Пакеты
Наименование
github.com/usememos/memos
go
Затронутые версииВерсия исправления
< 0.9.0
0.9.0
Связанные уязвимости
CVSS3: 6.5
nvd
около 3 лет назад
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.