Cookie Slack Detector

Risk:
Informational

Type:
Active

CWE:
CWE-205

Summary: Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.

References: https://cwe.mitre.org/data/definitions/205.html

Latest Security News

Latest CVE List

Common Alerts

InformationalImage Exposes Location or Privacy Data
LowCookie with SameSite Attribute None
MediumSource Code Disclosure - SVN
MediumXSLT Injection
HighXPath Injection
InformationalAuthentication Request Identified
MediumMissing Anti-clickjacking Header
MediumJWT Scan Rule
LowDeprecated Feature Policy Header Set
HighAccess Control Issue - Improper Authorization

Common CWEs

Free online web security scanner

Don't show website scan report rating on the leaderboard