# Sensitive Cookie Without ‘HttpOnly’ Flag
| Property | Value |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-1004: Sensitive Cookie Without ‘HttpOnly’ Flag |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
## Description

The application configures Rails’ cookie-based session store (`session_store :cookie_store`) with the `HttpOnly` or the `Secure` flag explicitly set to false (`httponly: false` or `secure: false`). As a result, the session cookie may be readable by client-side scripts or may be transmitted over unencrypted connections.
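The following is an added example, not code from the original rule page or from Rails itself. It places a weak option hash next to a hardened one using the same option keys Rails' `session_store :cookie_store` accepts, adds a checker that reports which protective flags are missing, and renders the resulting `Set-Cookie` header so the difference is visible on the wire. The header renderer is an assumption that follows the usual `name=value; Path=/; HttpOnly; Secure; SameSite=Lax` layout and is not Rack's own code; the cookie name and token value are constructed sample values.

```ruby
# Added example (not part of the original rule page): weak vs. hardened
# cookie-store options, a flag checker, and a simplified Set-Cookie renderer.

# Weak configuration: both protective flags explicitly disabled.
WEAK_SESSION_OPTIONS = {
  key: "_app_session",   # cookie name (constructed sample value)
  httponly: false,
  secure: false
}.freeze

# Hardened configuration: no script access, HTTPS-only transport, and a
# SameSite policy that limits cross-site sending of the cookie.
HARDENED_SESSION_OPTIONS = {
  key: "_app_session",
  httponly: true,
  secure: true,
  same_site: :lax
}.freeze

# Returns the names of the protective flags that are disabled or absent.
# Rails treats an absent :httponly as true, so only an explicit false counts;
# :secure defaults to false, so absence counts as missing.
def missing_cookie_flags(options)
  missing = []
  missing << "HttpOnly" if options.key?(:httponly) && !options[:httponly]
  missing << "Secure" unless options[:secure]
  missing
end

# Renders a Set-Cookie header value for the given options.
# Simplified rendering (assumption): attribute order and spelling follow the
# common "name=value; Path=/; HttpOnly; Secure; SameSite=Lax" layout.
def set_cookie_header(value, options)
  parts = ["#{options.fetch(:key)}=#{value}", "Path=/"]
  parts << "HttpOnly" if options.fetch(:httponly, true)  # absent means Rails default (true)
  parts << "Secure" if options[:secure]
  parts << "SameSite=#{options[:same_site].to_s.capitalize}" if options[:same_site]
  parts.join("; ")
end

# Parses the attribute names out of a Set-Cookie header value, case-insensitively.
# This is the kind of check a response-header test or a reverse proxy would run.
def cookie_attributes(header)
  header.split(";").drop(1).map { |attr| attr.strip.split("=", 2).first.downcase }
end

# Reports which protective attributes are absent from a raw Set-Cookie header.
def header_missing_flags(header)
  attrs = cookie_attributes(header)
  names = { "httponly" => "HttpOnly", "secure" => "Secure" }
  names.reject { |attr, _| attrs.include?(attr) }.values
end

if __FILE__ == $PROGRAM_NAME
  [["weak", WEAK_SESSION_OPTIONS], ["hardened", HARDENED_SESSION_OPTIONS]].each do |label, opts|
    header = set_cookie_header("opaque-session-token", opts)  # constructed token value
    puts "#{label}: Set-Cookie: #{header}"
    puts "  missing flags: #{missing_cookie_flags(opts).inspect}"
    puts "  from header:   #{header_missing_flags(header).inspect}"
  end
end
```

Running the script prints the header each configuration would emit and the flags each one lacks; `header_missing_flags` is the check to keep in a request spec or integration test, since it inspects the actual response header rather than trusting the configuration hash.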
## Impact

Without these flags, an attacker could steal the session cookie through cross-site scripting (XSS) or by intercepting unencrypted traffic, then hijack the user’s session and gain unauthorized access to sensitive user data or actions.