Headline
GHSA-qcw2-492v-57xj: usememos/memos missing Secure cookie attribute
usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Memos prior to 0.9.0 is missing the Secure cookie attribute, making it vulnerable to session hijacking.
usememos/memos missing Secure cookie attribute
Moderate severity GitHub Reviewed Published Dec 23, 2022 • Updated Dec 27, 2022
Related news
CVE-2022-4683
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.