10 lines
414 B
Plaintext
10 lines
414 B
Plaintext
Using cookies is security-sensitive. It has led in the past to the following vulnerabilities:
|
|
|
|
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11639[CVE-2018-11639]
|
|
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6537[CVE-2016-6537]
|
|
|
|
Attackers can use widely-available tools to read cookies. Any sensitive information they may contain will be exposed.
|
|
|
|
|
|
This rule flags code that writes cookies.
|