Medium severity5.6NVD Advisory· Published Mar 5, 2025· Updated Apr 15, 2026
CVE-2025-22493
CVE-2025-22493
Description
Secure flag not set and SameSIte was set to Lax in the Foreseer Reporting Software (FRS). Absence of this secure flag could lead into the session cookie being transmitted over unencrypted HTTP connections. This security issue has been resolved in the latest version of FRS v1.5.100.
Affected products
1- Range: < 1.5.100
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.