FOLLOW FLUID ATTACKS
The application’s cookies are generated without properly setting the HttpOnly,
Secure and SameSite attributes.
This could enable an attacker to compromise a user’s session through XSS,
sniffing or CSRF attacks.
R029. Cookies with security attributes
Corporate member of The OWASP Foundation
Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.