Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Vulnerability Management
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
Description
The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag.
Latest vulnerabilities for CWE-1004
Multiple vulnerabilities in Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application
2025-03-05
High
Yes
Multiple vulnerabilities in IBM Security Directory Suite
2024-12-11
Low
Yes
Multiple vulnerabilities in IBM Aspera Console
2024-10-07
High
Yes
Public exploit
Multiple vulnerabilities in Moxa PT-G503 Series
2023-11-06
Medium
Yes
Public exploit
Multiple vulnerabilities in Johnson Controls System Configuration Tool (SCT)
2023-02-10
Low
Yes
Multiple vulnerabilities in InHand Networks InRouter302
2022-05-16
Medium
Yes
Multiple vulnerabilities in GLPI
2021-09-17
Medium
Yes
Multiple vunerabilities in ABB eSOMS
2020-03-13
Medium
Yes
References
Description of CWE-1004 on Mitre website