Description
EspoCRM version 7.1.8 is vulnerable to Missing Secure Flag allowing the browser to send plain text cookies over an insecure channel (HTTP). An attacker may capture the cookie from the insecure channel using MITM attack.
Remediation
References
Related Vulnerabilities
WordPress Plugin AliExpress Dropshipping with AliNext Lite Cross-Site Request Forgery (3.3.5)
Oracle Database Server CVE-2014-2478 Vulnerability (CVE-2014-2478)
ownCloud Improper Access Control Vulnerability (CVE-2016-9460)
WordPress Plugin Contact Form DB CSV Injection (2.10.32)
WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)