Web Application Session Cookies Not Marked Secure
Medium Nessus Plugin ID 49218
SynopsisHTTP session cookies may be transmitted in cleartext.
As a result, it may be possible for a remote attacker to intercept these cookies.
Solution- Host the web application on a server that only provides SSL (HTTPS).
- Mark all cookies as 'secure'.