Description
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2023-22045 Vulnerability (CVE-2023-22045)
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
Joomla! Core 2.5.x Arbitrary File Upload (2.5.0 - 2.5.13)
Joomla CVE-2012-2747 Vulnerability (CVE-2012-2747)
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0050)