Exposure of Sensitive Information Due to Incompatible Policies in babybuddy/babybuddy

Valid

Reported on

Jul 30th 2021


✍️ Description

According to [1] we have : The secure attribute is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure attribute is to prevent cookies from being observed by unauthorized parties due to the transmission of the cookie in clear text and Cookies in your application don't set secure attribute then attacker with man in the middle attack can easily steal you users credentials in untrusted network.

💥 Impact

This vulnerability is capable of take control of user's account.

[1] https://owasp.org/www-community/controls/SecureCookieAttribute [2] https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies

Occurrences

We have contacted a member of the babybuddy team and are waiting to hear back a year ago
Christopher Charbonneau Wells validated this vulnerability a year ago
amammad has been awarded the disclosure bounty
The fix bounty is now up for grabs
Christopher Charbonneau Wells marked this as fixed with commit 4673c2 a year ago
Christopher Charbonneau Wells has been awarded the fix bounty
This vulnerability will not receive a CVE
to join this conversation