Description
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 149703.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Symposium Pro Social Network Cross-Site Scripting (16.01)
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.2.8)
WordPress Plugin Request Quote via Whatsapp for Woocommerce Cross-Site Scripting (1.0.1)
WordPress Plugin BuddyPress Cross-Site Request Forgery (2.9.0)
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10101)