Description
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
Remediation
References
Related Vulnerabilities
WordPress Plugin Convert Plus Unspecified Vulnerability (3.5.6)
WordPress Plugin Calendar Event Multi View Unspecified Vulnerability (1.3.58)
WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)
WordPress Plugin Cms Pack TimThumb Arbitrary File Upload (1.3)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399)