|
CWE-233
|
Improper Handling of Parameters
|
|
CWE-285
|
Improper Authorization
|
|
CWE-302
|
Authentication Bypass by Assumed-Immutable Data
|
|
CWE-315
|
Cleartext Storage of Sensitive Information in a Cookie
|
|
CWE-353
|
Missing Support for Integrity Check
|
|
CWE-384
|
Session Fixation
|
|
CWE-472
|
External Control of Assumed-Immutable Web Parameter
|
|
CWE-539
|
Use of Persistent Cookies Containing Sensitive Information
|
|
CWE-565
|
Reliance on Cookies without Validation and Integrity Checking
|