CWE-1004 vulnerabilities
41 results

CVE | Severity | Title | EPSS
CVE-2023-4217 | LOW | Session cookies attribute not set properly | 0.3%
CVE-2025-24318 | MEDIUM | Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Sensitive Cookie Without 'HttpOnly' Flag | 0.3%
CVE-2023-4228 | LOW | ioLogik 4000 Series: Session Cookies Attribute Not Set Properly | 0.3%
CVE-2023-2876 | LOW | Session cookie exposure for client side script | 0.3%
CVE-2026-25734 | MEDIUM | Rucio WebUI has Stored Cross-site Scripting (XSS) in RSE Metadata | 0.3%
CVE-2026-25735 | MEDIUM | Rucio WebUI has a Stored Cross-site Scripting (XSS) vulnerability its Identity Name | 0.3%
CVE-2026-25736 | MEDIUM | Rucio WebUI has a Stored Cross-site Scripting (XSS) Vulnerability in its Custom RSE Attribute | 0.3%
CVE-2026-42239 | HIGH | Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover | 0.3%
CVE-2025-53757 | HIGH | Insecure Cookie Flags Vulnerability in Digisol DG-GR6821AC Router | 0.3%
CVE-2026-25136 | HIGH | Rucio WebUI has a Reflected Cross-site Scripting Vulnerability | 0.3%
CVE-2026-25733 | HIGH | Rucio WebUI Vulnerable to Stored Cross-site Scripting (XSS) through Custom Rule Function | 0.3%
CVE-2025-49189 | MEDIUM | Cookie missing HttpOnly flag | 0.3%
CVE-2024-47833 | MEDIUM | Session Cookie without Secure and HTTPOnly flags in taipy | 0.2%
CVE-2026-35575 | HIGH | ChurchCRM has Stored XSS in Group Name | 0.2%
CVE-2025-57424 | HIGH | A stored cross-site scripting (XSS) vulnerability exists in the MyCourts v3 application within the LTA number profile field. An attacker can | 0.2%
CVE-2021-34563 | LOW | In WirelessHART-Gateway versions 3.0.8 and 3.0.9 the HttpOnly flag is missing in a cookie which allows client-side javascript to modify it | 0.2%
CVE-2026-39338 | HIGH | ChurchCRM has Blind XSS via Global Search – Administrative Cookie Session Exfiltration | 0.2%
CVE-2025-42909 | LOW | Security Misconfiguration vulnerability in SAP Cloud Appliance Library Appliances | 0.2%
CVE-2025-47289 | MEDIUM | Stored XSS in CE Phoenix Cart Testimonials Allows Account Takeover if Missing HttpOnly Flag | 0.2%
CVE-2026-11956 | MEDIUM | TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute | 0.2%