Information Disclosure: Frontend Guessable Cookie Value¶

Identifier: guessable_cookie_value

Scanner(s) Support¶

Description¶

Using easily guessable values for cookies can make your application vulnerable to session hijacking and other security issues. Attackers could potentially guess valid cookie values and impersonate legitimate users.

References:

• https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html

Configuration¶

Example¶

Example configuration:

---
security_tests:
  guessable_cookie_value:
    skip: false

Reference¶

skip¶

Type : boolean

Skip the test if true.