Unrated severityNVD Advisory· Published Oct 21, 2025· Updated Oct 21, 2025
HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute
CVE-2025-12031
Description
HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 0
- Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.