Description
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5899)
Joomla Incorrect Authorization Vulnerability (CVE-2023-23751)
WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.7.0)
WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)