No HTTP Only Flag Allow An Attacker TO Access Cookies Using XSS Attack
Reported by Narendra Bhati | November 16th, 2014 @ 11:38 AM | in User issues
What is HTTP Only Flag - According To OWASP
If the HttpOnly flag (optional) is included in the HTTP response header, the cookie cannot be accessed through client side script (again if the browser supports this flag). As a result, even if a cross-site scripting (XSS) flaw exists, and a user accidentally accesses a link that exploits this flaw, the browser (primarily Internet Explorer) will not reveal the cookie to a third party.
Your cookies are not set as http only flag thats why an attacker can hijack the session cookies by using XSS attack , for further attacks like session hijacking
POC attached with this ticked
-
Session_Accessable-1.PNG
119.9 KB
Session_Accessable-1.PNG
Comments and changes to this ticket
-
Narendra Bhati November 16th, 2014 @ 12:02 PM
- Tag set to “security”
-
-
Narendra Bhati December 20th, 2014 @ 02:03 PM
- Assigned user set to “expNinja”
So what your are going to do next ? about this issue !
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Bug Tracker for Exponent CMS
People watching this ticket
expNinja
Narendra Bhati
Attachments
-
Session_Accessable-1.PNG
119.9 KB