EPSS
Percentile
50.6%
apache guacamole uses an insecure cookie configuration. The secure flag is not configured on session tokens, which would allow an attacker to obtain the session tokens in clear text.
secure
www.securityfocus.com/bid/106768
lists.apache.org/thread.html/af1632e13dd9acf7537546660cae9143cbb10fdd2f9bb0832a690979@%3Cannounce.guacamole.apache.org%3E