CVE-2024-47833

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

### Summary Session cookie is without Secure and HTTPOnly flags. ### Details Please take a look at this part of code (PoC screenshot) or check code directly (provided in Occurrences section below) **Occurrences**: https://github.com/Avaiga/taipy/blob/develop/frontend/taipy-gui/src/components/Taipy/Navigate.tsx#L67 **Proposed remediation:** add Secure and HTTPOnly flags for cookies. It could be like this: document.cookie = `tprh=${tprh};path=/;Secure;HttpOnly;`; ### PoC **Screenshot**:  ### Impact **Secure**: This flag indicates that the cookie should only be sent over secure HTTPS connections. Without this flag, the cookie will be sent over both HTTP and HTTPS connections, which could expose it to interception or tampering if the connection is not secure. **HttpOnly:** This flag prevents the cookie from being accessed by client-side JavaScript. It helps mitigate certain types of attacks, such as cross-site scripting (XSS), by preventing malicious scripts from accessing the cookie's value. **References** CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute https://cwe.mitre.org/data/definitions/614.html CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag - https://cwe.mitre.org/data/definitions/1004.html OWASP - Secure Cookie Attribute - https://owasp.org/www-community/controls/SecureCookieAttribute Cookie security flags - https://www.invicti.com/learn/cookie-security-flags/ Cookie lack Secure flag - https://support.detectify.com/support/solutions/articles/48001048982-cookie-lack-secure-flag **Other**: Title: Encrypting the Web URL: https://www.eff.org/encrypt-the-web Update (Required advisory information) - added severity, resource: https://portswigger.net/kb/issues/00500200_tls-cookie-without-secure-flag-set Best regards,

Taipy es una librería Python de código abierto que permite el desarrollo de aplicaciones de extremo a extremo para científicos de datos e ingenieros de aprendizaje automático. En las versiones afectadas, las cookies de sesión se envían sin los indicadores Secure y HTTPOnly. Este problema se ha solucionado en la versión 4.0.0 y se recomienda a todos los usuarios que actualicen la versión. No se conocen workarounds para esta vulnerabilidad.