|
CWE-294
|
Authentication Bypass by Capture-replay
|
|
CWE-319
|
Cleartext Transmission of Sensitive Information
|
|
CWE-522
|
Insufficiently Protected Credentials
|
|
CWE-523
|
Unprotected Transport of Credentials
|
|
CWE-614
|
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
|