Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in publify/publify

Valid

Reported on

Oct 8th 2021


Description

Session cookie _publify_blog_session  is not marked with 'Secure'

Proof of Concept 

Login to demo page  https://demo-publify.herokuapp.com/

Open Firefox developer option  -> storage -> check secure option

Below link shows POC
https://i.ibb.co/j3K5YDg/Screenshot-45.png

We created a GitHub Issue asking the maintainers to create a SECURITY.md 2 months ago
@0xAmal
2 months ago

Researcher


any updates on this

Matijs
2 months ago

Maintainer


Better reference perhaps: https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set

Matijs van Zuijlen validated this vulnerability 2 months ago
@0xAmal has been awarded the disclosure bounty
The fix bounty is now up for grabs
2 months ago
Matijs van Zuijlen confirmed that a fix has been merged on 4f7097 2 months ago
Matijs van Zuijlen has been awarded the fix bounty