Update documentation

Joe Farebrother
2024-07-19 09:13:30 +01:00
parent 070d67816d
commit baf51334e4


@@ -4,7 +4,9 @@
<qhelp>
<overview>
<p>Constructing cookies from user input can allow an attacker to control a user's cookie. Additionally, if the cookie is set using a raw header, cookie attributes such as the <code>Secure</code> flag may be controlled by an attacker.
<p>Constructing cookies from user input can allow an attacker to control a user's cookie.
This may lead to a session fixation attack. Additionally, client code may not expect a cookie to contain attacker-controlled data, and fail to sanitize it for common vulnerabilities such as Cross Site Scripting (XSS).
An attacker manipulating the raw cookie header may additionally be able to set cookie attributes such as <code>HttpOnly</code> to insecure values.
</p>
</overview>
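Review bot: The rewritten overview drops the <code>Secure</code> flag that the removed line called out and names only <code>HttpOnly</code>, even though the raw <code>set-cookie</code> header case (see the context of the next hunk) lets an attacker influence both. Consider "cookie attributes such as <code>Secure</code> and <code>HttpOnly</code> to insecure values" so the qhelp still covers the transport-security attribute it previously mentioned. Minor style point: the three new sentences are split across separate lines inside a single <code>&lt;p&gt;</code>, which renders fine, but keeping them on one line matches the paragraph style used elsewhere in the file.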
@@ -19,6 +21,7 @@ and the second sets a cookie's raw value through the <code>set-cookie</code> hea
</example>
<references>
<li>Wikipedia - <a href="https://en.wikipedia.org/wiki/Session_fixation">Session Fixation</a>.</li>
</references>
</qhelp>
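Review bot: The references section now only cites Session Fixation, while the new overview text also introduces Cross Site Scripting (XSS) as a consequence of unsanitized attacker-controlled cookie data. Add a corresponding XSS reference (for example an OWASP entry) so that every vulnerability class named in the overview has a pointer in <code>&lt;references&gt;</code>, as is usual for these qhelp files.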