Cookie vulnerabilities still being overlooked

Last week’s cookie-vuln won’t be the last, security bod says
It’s only a local bug until it’s not
Darren Pauli
In the wake of last week’s cookie security warning, accomplished Polish penetration tester Dawid Czagan has dug up a separate issue with Apple’s Safari.
The bug Czagan has reported to Apple relates to its handling of the HTTPOnly flag, again leaving cookies open to attack.
To read the entire article, please click here.


Leave A Comment