CVE-2026-49977 | tarteaucitron.js 1.13.1/1.20.1/1.22.0/1.29.0 Cookie tarteaucitron.cookie.purge cookie httponly flag

SecurityVulns

A vulnerability was found in tarteaucitron.js 1.13.1/1.20.1/1.22.0/1.29.0. It has been classified as problematic. Affected by this issue is the function tarteaucitron.cookie.purge of the file tarteaucitron.js of the component Cookie. Performing a manipulation results in cookie without ‘httponly’ flag.

This vulnerability is reported as CVE-2026-49977. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More