VYPR
Unrated severityNVD Advisory· Published Oct 21, 2025· Updated Oct 21, 2025

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute

CVE-2025-12031

Description

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.