/

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in publify/publify

Valid

Reported on

Oct 8th 2021

Description

Session cookie _publify_blog_session  is not marked with 'Secure'

Proof of Concept 

Login to demo page  https://demo-publify.herokuapp.com/

Open Firefox developer option  -> storage -> check secure option

Below link shows POC
https://i.ibb.co/j3K5YDg/Screenshot-45.png

References

https://owasp.org/www-project-secureflag-open-platform/

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

commented a year ago

Researcher

any updates on this

Matijs van Zuijlen Matijs

commented a year ago

Maintainer

Better reference perhaps: https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set

Matijs van Zuijlen validated this vulnerability a year ago

@0xAmal has been awarded the disclosure bounty

The fix bounty is now up for grabs

Matijs van Zuijlen submitted a

a year ago

Matijs van Zuijlen marked this as fixed with commit 4f7097 a year ago

Matijs van Zuijlen has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

commented a year ago

Researcher

any updates on this

Matijs van Zuijlen Matijs

commented a year ago

Maintainer

Better reference perhaps: https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set

Matijs van Zuijlen validated this vulnerability a year ago

@0xAmal has been awarded the disclosure bounty

The fix bounty is now up for grabs

Matijs van Zuijlen submitted a

a year ago

Matijs van Zuijlen marked this as fixed with commit 4f7097 a year ago

Matijs van Zuijlen has been awarded the fix bounty

This vulnerability will not receive a CVE

to join this conversation