In JetBrains Datalore before 2026
In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings
Exploitability
AV:A
AC:L
PR:N
UI:R
Scope
S:U
Impact
C:H
I:L
A:N
6.3/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Other
CWE-614